| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Load Programm wird nicht installiert und Malwarebytes nach Start wieder geschlossenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
18.10.2010, 13:38
| #16 |
 |  Load Programm wird nicht installiert und Malwarebytes nach Start wieder geschlossen So nun habe ich alles hinbekommen. Als erstes das was OSAM sagt: OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 14:53:19 on 18.10.2010 OS: Windows XP Professional Service Pack 3 (Build 2600) Default Browser: Mozilla Corporation Firefox 3.6.10 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Control Panel Objects] -----( %SystemRoot%\system32 )----- "infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl "javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "catchme" (catchme) - ? - C:\DOKUME~1\sw\LOKALE~1\Temp\catchme.sys (File not found) "Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found) "eamon" (eamon) - "ESET" - C:\WINDOWS\System32\DRIVERS\eamon.sys "ehdrv" (ehdrv) - "ESET" - C:\WINDOWS\System32\DRIVERS\ehdrv.sys "epfwtdir" (epfwtdir) - "ESET" - C:\WINDOWS\System32\DRIVERS\epfwtdir.sys "FSLX" (FSLX) - "Symantec Corp." - C:\WINDOWS\system32\drivers\fslx.sys "i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found) "lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found) "MBAMSwissArmy" (MBAMSwissArmy) - "Malwarebytes Corporation" - C:\WINDOWS\system32\drivers\mbamswissarmy.sys "Nal Service " (NAL) - "Intel Corporation " - C:\WINDOWS\system32\Drivers\iqvw32.sys "PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found) "PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found) "PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found) "PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found) "PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found) "WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found) [Explorer] -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\11\OWC11.DLL {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found) {B089FE88-FB52-11D3-BDF1-0050DA34150D} "ESET Smart Security - Context Menu Shell Extension" - "ESET" - C:\Programme\ESET\ESET NOD32 Antivirus\shellExt.dll {1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll {00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll {764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found) {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll {BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "@C:\Programme\Messenger\Msgslang.dll,-61144" - "Microsoft Corporation" - C:\Programme\Messenger\msmsgs.exe {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} "ClsidExtension" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {0FB6A909-6086-458F-BD92-1F8EE10042A0} "AC-Pro" - "SimplyGen" - C:\Programme\AutocompletePro\AutocompletePro.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "SSVHelper Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll [Logon] -----( %AllUsersProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini -----( %UserProfile%\Startmenü\Programme\Autostart )----- "desktop.ini" - ? - C:\Dokumente und Einstellungen\sw\Startmenü\Programme\Autostart\desktop.ini -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" "ATIPTA" - "ATI Technologies, Inc." - "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" "egui" - "ESET" - "C:\Programme\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice "PDF Complete" - "PDF Complete Inc" - C:\Programme\PDF Complete\pdfsty.exe "SetRefresh" - "Hewlett-Packard Company" - C:\Programme\Compaq\SetRefresh\SetRefresh.exe "Time Watch" - "7tech Limited" - "C:\Programme\Time Watch\TimeWatch4.exe" hide [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "PDFC" - "PDF Complete, Inc." - C:\WINDOWS\system32\pdfc_port.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe "ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe "ESET HTTP Server" (EhttpSrv) - "ESET" - C:\Programme\ESET\ESET NOD32 Antivirus\EHttpSrv.exe "ESET Service" (ekrn) - "ESET" - C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe "HID Input Service" (HidServ) - ? - C:\WINDOWS\System32\hidserv.dll (File not found) "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE "PDF Document Manager" (pdfcDispatcher) - "PDF Complete Inc" - C:\Programme\PDF Complete\pdfsvc.exe "SQL Server (MSSMLBIZ)" (MSSQL$MSSMLBIZ) - "Microsoft Corporation" - c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe "SQL Server VSS Writer" (SQLWriter) - "Microsoft Corporation" - c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe "Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe "Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [Winlogon] -----( HKCU\Control Panel\IOProcs )----- "MVB" - ? - mvfs32.dll (File not found) -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru und nun noch das von MBRCheck MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows XP Professional Windows Information: Service Pack 3 (build 2600) Logical Drives Mask: 0x000c804c Kernel Drivers (total 117): 0x804D7000 \WINDOWS\system32\ntkrnlpa.exe 0x806E5000 \WINDOWS\system32\hal.dll 0xF7987000 \WINDOWS\system32\KDCOM.DLL 0xF7897000 \WINDOWS\system32\BOOTVID.dll 0xF7357000 ACPI.sys 0xF7989000 \WINDOWS\system32\DRIVERS\WMILIB.SYS 0xF7346000 pci.sys 0xF7487000 isapnp.sys 0xF7497000 MountMgr.sys 0xF7327000 ftdisk.sys 0xF798B000 dmload.sys 0xF7301000 dmio.sys 0xF7707000 PartMgr.sys 0xF74A7000 VolSnap.sys 0xF72E9000 atapi.sys 0xF7210000 iaStor.sys 0xF74B7000 disk.sys 0xF74C7000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS 0xF71F0000 fltMgr.sys 0xF71DE000 sr.sys 0xF71C7000 KSecDD.sys 0xF713A000 Ntfs.sys 0xF710D000 NDIS.sys 0xF74D7000 ohci1394.sys 0xF74E7000 \WINDOWS\system32\DRIVERS\1394BUS.SYS 0xF70F3000 Mup.sys 0xF7557000 \SystemRoot\system32\DRIVERS\intelppm.sys 0xF6C59000 \SystemRoot\system32\DRIVERS\ati2mtag.sys 0xF6C45000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS 0xF6C1D000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0xF6BDF000 \SystemRoot\system32\DRIVERS\e1y5132.sys 0xF77E7000 \SystemRoot\system32\DRIVERS\usbuhci.sys 0xF6BBB000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0xF7817000 \SystemRoot\system32\DRIVERS\usbehci.sys 0xF7567000 \SystemRoot\system32\DRIVERS\nic1394.sys 0xF7577000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0xF7847000 \SystemRoot\system32\DRIVERS\mouclass.sys 0xF7587000 \SystemRoot\system32\DRIVERS\imapi.sys 0xF7597000 \SystemRoot\system32\DRIVERS\cdrom.sys 0xF75A7000 \SystemRoot\system32\DRIVERS\redbook.sys 0xF6B98000 \SystemRoot\system32\DRIVERS\ks.sys 0xF7B5C000 \SystemRoot\system32\DRIVERS\audstub.sys 0xF75B7000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0xF7973000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0xF6B81000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0xF75C7000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0xF75D7000 \SystemRoot\system32\DRIVERS\raspptp.sys 0xF7757000 \SystemRoot\system32\DRIVERS\TDI.SYS 0xF6B70000 \SystemRoot\system32\DRIVERS\psched.sys 0xF75E7000 \SystemRoot\system32\DRIVERS\msgpc.sys 0xF777F000 \SystemRoot\system32\DRIVERS\ptilink.sys 0xF778F000 \SystemRoot\system32\DRIVERS\raspti.sys 0xF6B40000 \SystemRoot\system32\DRIVERS\rdpdr.sys 0xF75F7000 \SystemRoot\system32\DRIVERS\termdd.sys 0xF77D7000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0xF79AF000 \SystemRoot\system32\DRIVERS\swenum.sys 0xF70BB000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0xF7607000 \SystemRoot\System32\Drivers\NDProxy.SYS 0xAE7E3000 \SystemRoot\system32\drivers\AtiHdmi.sys 0xAE7BF000 \SystemRoot\system32\drivers\portcls.sys 0xF7637000 \SystemRoot\system32\drivers\drmk.sys 0xF7647000 \SystemRoot\system32\DRIVERS\usbhub.sys 0xF79BB000 \SystemRoot\system32\DRIVERS\USBD.SYS 0xAE2DD000 \SystemRoot\system32\drivers\RtkHDAud.sys 0xF79C7000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0xF7BB9000 \SystemRoot\System32\Drivers\Null.SYS 0xF79CB000 \SystemRoot\System32\Drivers\Beep.SYS 0xAE26E000 \SystemRoot\system32\DRIVERS\ehdrv.sys 0xF7717000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS 0xF772F000 \SystemRoot\System32\drivers\vga.sys 0xF79DD000 \SystemRoot\System32\Drivers\mnmdd.SYS 0xF79E1000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0xF773F000 \SystemRoot\System32\Drivers\Msfs.SYS 0xF774F000 \SystemRoot\System32\Drivers\Npfs.SYS 0xF797F000 \SystemRoot\system32\DRIVERS\rasacd.sys 0xF7767000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS 0xAE23B000 \SystemRoot\system32\DRIVERS\ipsec.sys 0xAE1E2000 \SystemRoot\system32\DRIVERS\tcpip.sys 0xAE1BA000 \SystemRoot\system32\DRIVERS\netbt.sys 0xAE194000 \SystemRoot\system32\DRIVERS\ipnat.sys 0xF76F7000 \SystemRoot\system32\DRIVERS\wanarp.sys 0xAE17C000 \SystemRoot\system32\DRIVERS\epfwtdir.sys 0xF7517000 \SystemRoot\system32\DRIVERS\arp1394.sys 0xAE15A000 \SystemRoot\System32\drivers\afd.sys 0xF7527000 \SystemRoot\system32\DRIVERS\netbios.sys 0xAE12F000 \SystemRoot\system32\DRIVERS\rdbss.sys 0xAE0BF000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0xAE08F000 \??\C:\WINDOWS\system32\drivers\fslx.sys 0xF6B08000 \SystemRoot\System32\Drivers\Cdfs.SYS 0xF6AF8000 \SystemRoot\System32\Drivers\Fips.SYS 0xF77FF000 \SystemRoot\system32\DRIVERS\usbccgp.sys 0xAE28D000 \SystemRoot\system32\DRIVERS\hidusb.sys 0xF6AC8000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS 0xF795B000 \SystemRoot\system32\DRIVERS\kbdhid.sys 0xADEC6000 \SystemRoot\System32\Drivers\dump_iaStor.sys 0xBF800000 \SystemRoot\System32\win32k.sys 0xF6B24000 \SystemRoot\System32\drivers\Dxapi.sys 0xF7827000 \SystemRoot\System32\watchdog.sys 0xBF000000 \SystemRoot\System32\drivers\dxg.sys 0xF7B9B000 \SystemRoot\System32\drivers\dxgthk.sys 0xBF012000 \SystemRoot\System32\ati2dvag.dll 0xBF068000 \SystemRoot\System32\ati2cqag.dll 0xBF102000 \SystemRoot\System32\atikvmag.dll 0xBF187000 \SystemRoot\System32\atiok3x2.dll 0xBF1D6000 \SystemRoot\System32\ati3duag.dll 0xBF4B2000 \SystemRoot\System32\ativvaxx.dll 0xABAB3000 \SystemRoot\system32\DRIVERS\eamon.sys 0xABB95000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0xAB82E000 \SystemRoot\system32\DRIVERS\mrxdav.sys 0xAB75E000 \SystemRoot\system32\DRIVERS\srv.sys 0xBFFA0000 \SystemRoot\System32\ATMFD.DLL 0xAB519000 \SystemRoot\system32\drivers\wdmaud.sys 0xAB89B000 \SystemRoot\system32\drivers\sysaudio.sys 0xAAEE8000 \SystemRoot\System32\Drivers\HTTP.sys 0xF786F000 \SystemRoot\System32\Drivers\TDTCP.SYS 0xAAD8B000 \SystemRoot\System32\Drivers\RDPWD.SYS 0x7C910000 \WINDOWS\system32\ntdll.dll Processes (total 33): 0 System Idle Process 4 System 788 C:\WINDOWS\system32\smss.exe 844 csrss.exe 892 C:\WINDOWS\system32\winlogon.exe 944 C:\WINDOWS\system32\services.exe 956 C:\WINDOWS\system32\lsass.exe 1152 C:\WINDOWS\system32\ati2evxx.exe 1176 C:\WINDOWS\system32\svchost.exe 1264 svchost.exe 1452 svchost.exe 1484 C:\WINDOWS\system32\ati2evxx.exe 1592 svchost.exe 1728 C:\WINDOWS\system32\spoolsv.exe 1812 svchost.exe 1884 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 1952 C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe 2004 sqlservr.exe 228 C:\Programme\PDF Complete\pdfsvc.exe 532 C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe 668 C:\WINDOWS\system32\wuauclt.exe 1768 C:\WINDOWS\explorer.exe 2196 C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe 2308 C:\Programme\Adobe\Reader 9.0\Reader\reader_sl.exe 2560 C:\Programme\ESET\ESET NOD32 Antivirus\egui.exe 2768 C:\Programme\Time Watch\TimeWatch4.exe 2784 alg.exe 2836 C:\WINDOWS\system32\ctfmon.exe 3632 C:\WINDOWS\system32\svchost.exe 3972 C:\WINDOWS\system32\svchost.exe 3060 C:\Programme\Mozilla Firefox\firefox.exe 3540 C:\Programme\Mozilla Firefox\plugin-container.exe 1624 C:\Dokumente und Einstellungen\sw\Desktop\MBRCheck.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS) PhysicalDrive0 Model Number: ST3500418AS, Rev: HP34 Size Device Name MBR Status -------------------------------------------- 465 GB \\.\PhysicalDrive0 Unknown MBR code SHA1: DAEDABC469722639540215CE84E15ED084195FBC Found non-standard or infected MBR. Enter 'Y' and hit ENTER for more options, or 'N' to exit: Done! ich hoffe das ist das Richtige. bis dann Thomas Geändert von hasco (18.10.2010 um 13:57 Uhr) |
| Themen zu Load Programm wird nicht installiert und Malwarebytes nach Start wieder geschlossen |
| anfang, anhang, antivirus, eset, eset nod32, fehlermeldung, gen, geschlossen, google, heute, installieren, installiert, load.exe, malwarebytes, mehrere rechner, nach start, netzwerk, nicht installiert, nicht mehr, nod32, programm, programme, programmen, rechner, seite, seiten, software, start, starte, update, virenprogramme, virensoftware |
Baum-Darstellung