BKA Trojan XP desktop lock, even in safe mode
13.02.2013, 11:53 | #16
/// Winkelfunktion /// TB-Süch-Tiger™
Quote:
__________________ Please always post logfiles in CODE tags
13.02.2013, 12:46 | #17
I also don't know which of your links I followed there
__________________
Attached is the scan with the newest version via filepony:
Code:
12:41:24.0031 2512 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:41:24.0046 2512 ============================================================
12:41:24.0046 2512 Current date / time: 2013/02/13 12:41:24.0046
12:41:24.0046 2512 SystemInfo:
12:41:24.0046 2512
12:41:24.0046 2512 OS Version: 5.1.2600 ServicePack: 2.0
12:41:24.0046 2512 Product type: Workstation
12:41:24.0046 2512 ComputerName: NINE
12:41:24.0062 2512 UserName: Janine
12:41:24.0062 2512 Windows directory: G:\WINDOWS
12:41:24.0062 2512 System windows directory: G:\WINDOWS
12:41:24.0062 2512 Processor architecture: Intel x86
12:41:24.0062 2512 Number of processors: 1
12:41:24.0062 2512 Page size: 0x1000
12:41:24.0062 2512 Boot type: Normal boot
12:41:24.0062 2512 ============================================================
12:41:25.0437 2512 Drive \Device\Harddisk0\DR0 - Size: 0x9962B8000 (38.35 Gb), SectorSize: 0x200, Cylinders: 0x138D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:41:25.0437 2512 Drive \Device\Harddisk1\DR3 - Size: 0xF1800000 (3.77 Gb), SectorSize: 0x200, Cylinders: 0x1EC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:41:25.0437 2512 ============================================================
12:41:25.0437 2512 \Device\Harddisk0\DR0:
12:41:25.0437 2512 MBR partitions:
12:41:25.0437 2512 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2EE5976
12:41:25.0453 2512 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x2EE59F4, BlocksNum 0x1DC8959
12:41:25.0453 2512 \Device\Harddisk1\DR3:
12:41:25.0453 2512 MBR partitions:
12:41:25.0453 2512 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x78BFC1
12:41:25.0453 2512 ============================================================
12:41:25.0453 2512 D: <-> \Device\Harddisk0\DR0\Partition2
12:41:25.0500 2512 G: <-> \Device\Harddisk0\DR0\Partition1
12:41:25.0500 2512 ============================================================
12:41:25.0500 2512 Initialize success
12:41:25.0500 2512 ============================================================
12:41:27.0562 2532 ============================================================
12:41:27.0562 2532 Scan started
12:41:27.0562 2532 Mode: Manual;
12:41:27.0562 2532 ============================================================
12:41:28.0515 2532 ================ Scan system memory ========================
12:41:29.0578 2532 System memory - ok
12:41:45.0968 2532 ================ Scan global ===============================
12:41:46.0015 2532 [ 1B91BAC6996731EE8925F58205DCB016 ] G:\WINDOWS\system32\basesrv.dll
12:41:46.0031 2532 [ 6D4006EF6E45030BCA14CBFE8893E9B9 ] G:\WINDOWS\system32\winsrv.dll
12:41:46.0078 2532 [ 6D4006EF6E45030BCA14CBFE8893E9B9 ] G:\WINDOWS\system32\winsrv.dll
12:41:46.0109 2532 [ EDB6B81761BD60F32F740BBC40AFB676 ] G:\WINDOWS\system32\services.exe
12:41:46.0109 2532 [Global] - ok
12:41:46.0125 2532 ================ Scan MBR ==================================
12:41:46.0156 2532 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
12:41:46.0343 2532 \Device\Harddisk0\DR0 - ok
12:41:46.0375 2532 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR3
12:41:49.0875 2532 \Device\Harddisk1\DR3 - ok
12:41:49.0890 2532 ================ Scan VBR ==================================
12:41:49.0921 2532 [ 7767DD76ED07D454C8DB40C296EE48F1 ] \Device\Harddisk0\DR0\Partition1
12:41:49.0921 2532 \Device\Harddisk0\DR0\Partition1 - ok
12:41:49.0937 2532 [ A15C46E6776ADDFDE30820EDFC5FF27D ] \Device\Harddisk0\DR0\Partition2
12:41:49.0953 2532 \Device\Harddisk0\DR0\Partition2 - ok
12:41:49.0968 2532 [ BCC84796F92FE3DEBAF9882492BA9620 ] \Device\Harddisk1\DR3\Partition1
12:41:49.0968 2532 \Device\Harddisk1\DR3\Partition1 - ok
12:41:49.0984 2532 ============================================================
12:41:49.0984 2532 Scan finished
12:41:49.0984 2532 ============================================================
12:41:50.0046 2524 Detected object count: 0
12:41:50.0046 2524 Actual detected object count: 0
12:41:55.0562 2508 Deinitialize success
13.02.2013, 13:44 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | How many hard disks do you have in this computer? Two? Which one is Windows installed on? The best thing is to open Disk Management (Start, Run, type diskmgmt.msc => OK, and please maximize the window), then take a screenshot and post it here (attach the image, or upload it to Saved.im and link it here)
|
13.02.2013, 15:37 | #19 |
| It should be one hard disk that was divided up |
13.02.2013, 15:42 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | But: Code:
Drive \Device\Harddisk0\DR0 - Size: 0x9962B8000 (38.35 Gb)
Drive \Device\Harddisk1\DR3 - Size: 0xF1800000 (3.77 Gb)
|
13.02.2013, 15:54 | #21 |
| I understand! Yes, I use a 4 GB USB stick to carry files from the internet-capable laptop to the infected desktop, which has no internet access. It was probably plugged into the port during the scan! |
13.02.2013, 17:04 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | I think we should fix the MBR as a precaution. Back up ALL important data just in case, even though everything usually goes smoothly. Before you start aswMBR, please also unplug the USB stick.
Note: Please do NOT run the MBR fix if you have other operating systems such as Ubuntu installed; an MBR fix with Windows tools makes a Linux installed in parallel (dual boot) unbootable. Also do not run the fix if you have full encryption of the Windows partition or of the entire hard disk, e.g. with TrueCrypt or other encryption programs.
After backing up your data, start aswMBR again and click the FIXMBR button.
Note: Please switch off the virus scanner before you run aswMBR, because Avira in particular often reports a false alarm in it!
Afterwards restart Windows and create a new log with aswMBR, and please also one with GMER
|
13.02.2013, 19:53 | #23 |
| I have neither data nor an antivirus program on the desktop, but "just" starting aswMBR and clicking FIX does not work, because an error message always appears and the program is closed. So do I first have to let the avast definitions load again and let the scan run? |
14.02.2013, 10:59 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | You should click FixMBR, not Fix!!
|
14.02.2013, 13:28 | #25 |
| I meant FixMBR; the plain "Fix" button is not even active yet. Attached is the screenshot of the error message |
14.02.2013, 13:56 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Run a scan first, then FixMBR
|
14.02.2013, 18:39 | #27 |
| Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-14 17:51:07
-----------------------------
17:51:07.468 OS Version: Windows 5.1.2600 Service Pack 2
17:51:07.468 Number of processors: 1 586 0x602
17:51:07.468 ComputerName: NINE UserName:
17:51:07.937 Initialize success
18:02:00.671 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
18:02:00.671 Disk 0 Vendor: IC35L040AVVN07-0 VA2OAF0C Size: 39266MB BusType: 3
18:02:00.687 Disk 1 MBR read successfully
18:02:00.687 Disk 1 MBR scan
18:02:00.687 Disk 1 Windows XP default MBR code
18:02:00.687 Disk 1 MBR hidden
18:02:00.687 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 24011 MB offset 63
18:02:00.687 Disk 1 Partition - 00 0F Extended LBA 15249 MB offset 49174965
18:02:00.703 Disk 1 Partition 2 00 0B FAT32 MSWIN4.1 15249 MB offset 49175028
18:02:00.781 Disk 1 scanning G:\WINDOWS\system32\drivers
18:02:09.015 Service scanning
18:02:23.703 Modules scanning
18:03:17.328 Disk 1 trace - called modules:
18:03:17.328 ntoskrnl.exe CLASSPNP.SYS disk.sys hal.dll
18:03:17.843 1 nt!IofCallDriver -> \Device\Harddisk1\DR3[0x81eec3c0]
18:03:17.843 Scan finished successfully
18:08:26.859 Disk 1 MBR has been saved successfully to "G:\Dokumente und Einstellungen\Janine\Desktop\MBR.dat"
18:08:26.859 The log file has been saved successfully to "G:\Dokumente und Einstellungen\Janine\Desktop\aswMBRneu.txt"
GMER Logfile: Code:
GMER 2.0.18454 - hxxp://www.gmer.net
Rootkit scan 2013-02-14 18:28:57
Windows 5.1.2600 Service Pack 2 \Device\Harddisk1\DR3 -> \Device\Ide\IdePort0 HUAWEI__ rev.2.31 0,00MB
Running: gmer_2.0.18454.exe; Driver: G:\DOKUME~1\Janine\LOKALE~1\Temp\pxtdqpow.sys
---- Kernel code sections - GMER 2.0 ----
? G:\DOKUME~1\Janine\LOKALE~1\Temp\aswMBR.sys Das System kann die angegebene Datei nicht finden. !
---- Disk sectors - GMER 2.0 ----
Disk \Device\Harddisk1\DR3 sector 00: rootkit-like behavior
---- EOF - GMER 2.0 ---- |
15.02.2013, 09:49 | #28 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
Afterwards: live system PartedMagic / GParted
|
17.02.2013, 16:16 | #29 |
| I have uploaded the requested file. Is there an alternative to the ISO image? At first it shows me that the download with my mobile internet stick is supposed to take 16 hours, but then after a few minutes my internet always crashes |
18.02.2013, 13:39 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | No, there is not one as such. I want to look at your partitions from a different system because I have reason to believe that active malware under Windows is feeding us false information. That is why there is currently no alternative to going via Linux. Just download the CD image on another computer with a fast internet connection.
|
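The cross-check that post #30 is after, as an added example that is not part of the thread or of any tool named in it: decode an MBR sector read from the live system, compare it with the copy read under Windows (for instance the MBR.dat saved by aswMBR, assuming that file holds the raw 512-byte sector), and flag partition types that rule out the Windows MBR fix as warned in post #22. All function names are hypothetical; the partition layout values come from the logs above, while the boot-code bytes and the extended partition's sector count are constructed.

```python
import hashlib
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446      # four 16-byte partition entries start here
BOOT_CODE_END = 440     # bytes 0..439 hold the boot code
TYPE_NAMES = {0x07: "HPFS/NTFS", 0x0B: "FAT32", 0x0C: "FAT32 LBA",
              0x0F: "Extended LBA", 0x82: "Linux swap", 0x83: "Linux"}
NON_WINDOWS_TYPES = {0x82, 0x83}    # hint at a dual-boot setup


def parse_mbr(sector: bytes) -> dict:
    """Decode one raw MBR sector into a boot-code hash and a partition list."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for index in range(4):
        entry = sector[TABLE_OFFSET + 16 * index:TABLE_OFFSET + 16 * index + 16]
        # status, 3 CHS bytes skipped, type, 3 CHS bytes skipped, start LBA, count
        status, ptype, start_lba, sectors = struct.unpack("<B3xB3xII", entry)
        if ptype == 0x00:
            continue    # unused slot
        partitions.append({
            "slot": index + 1,
            "active": status == 0x80,
            "type": ptype,
            "type_name": TYPE_NAMES.get(ptype, "unknown"),
            "start_lba": start_lba,
            "size_mb": sectors * SECTOR_SIZE // (1024 * 1024),
        })
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest(),
        "partitions": partitions,
    }


def compare_views(live: bytes, offline: bytes) -> list:
    """List what differs between the sector read under the running OS and offline."""
    a, b = parse_mbr(live), parse_mbr(offline)
    findings = []
    if a["boot_code_sha256"] != b["boot_code_sha256"]:
        findings.append("boot code differs")
    if a["partitions"] != b["partitions"]:
        findings.append("partition table differs")
    return findings


def fixmbr_blockers(sector: bytes) -> list:
    """Slots whose type suggests a second OS, a reason not to rewrite the MBR."""
    return [p["slot"] for p in parse_mbr(sector)["partitions"]
            if p["type"] in NON_WINDOWS_TYPES]


def build_mbr(boot_code: bytes, entries: list) -> bytes:
    """Build a constructed sector from (status, type, start_lba, sectors) tuples."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    for i, (status, ptype, start, count) in enumerate(entries):
        struct.pack_into("<B3xB3xII", sector, TABLE_OFFSET + 16 * i,
                         status, ptype, start, count)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


# Constructed sample: layout from the logs above, boot-code bytes made up.
LAYOUT = [(0x80, 0x07, 63, 0x2EE5976), (0x00, 0x0F, 49174965, 0x1DC8998)]
LIVE_VIEW = build_mbr(b"\xAA" * 16, LAYOUT)       # as read under Windows
OFFLINE_VIEW = build_mbr(b"\xBB" * 16, LAYOUT)    # as read from the live CD

if __name__ == "__main__":
    print(parse_mbr(OFFLINE_VIEW)["partitions"])
    print(compare_views(LIVE_VIEW, OFFLINE_VIEW))
```

An empty list from `compare_views` means both views agree; any entry means the running system returned a different sector 0 than the disk actually holds.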