Combofix Logfile:
Code:
ComboFix 10-12-26.01 - Heensche 27.12.2010 18:39:31.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3038.1829 [GMT 1:00]
Running from: c:\users\Heensche\Desktop\ComboFix.exe
AV: McAfee VirusScan *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Personal Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee VirusScan *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Heensche\AppData\Local\{106D28F9-CCB7-4210-B907-EC3A4C5767AF}
c:\users\Heensche\AppData\Local\{106D28F9-CCB7-4210-B907-EC3A4C5767AF}\chrome.manifest
c:\users\Heensche\AppData\Local\{106D28F9-CCB7-4210-B907-EC3A4C5767AF}\chrome\content\_cfg.js
c:\users\Heensche\AppData\Local\{106D28F9-CCB7-4210-B907-EC3A4C5767AF}\chrome\content\overlay.xul
c:\users\Heensche\AppData\Local\{106D28F9-CCB7-4210-B907-EC3A4C5767AF}\install.rdf
c:\windows\system32\AutoRun.inf
c:\windows\system32\Thumbs.db
.
((((((((((((((((((((((( Files Created from 2010-11-27 to 2010-12-27 ))))))))))))))))))))))))))))))
.
2010-12-27 17:45 . 2010-12-27 17:46 -------- d-----w- c:\users\Heensche\AppData\Local\temp
2010-12-27 17:45 . 2010-12-27 17:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-27 16:43 . 2010-12-27 16:43 -------- d-----w- c:\windows\LastGood
2010-12-27 16:43 . 2010-12-27 16:43 36616 ----a-w- c:\windows\system32\drivers\btcusb.sys
2010-12-27 16:43 . 2010-12-27 16:43 19464 ----a-w- c:\windows\system32\btinstall.dll
2010-12-27 15:33 . 2010-12-27 16:54 -------- d-----w- C:\_OTL
2010-12-26 22:34 . 2010-12-26 22:34 -------- d-----w- c:\users\Heensche\AppData\Roaming\Malwarebytes
2010-12-26 22:33 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-26 22:33 . 2010-12-26 22:33 -------- d-----w- c:\programdata\Malwarebytes
2010-12-26 22:33 . 2010-12-27 09:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-26 22:33 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-26 21:46 . 2010-12-26 21:46 -------- d-----w- c:\programdata\PC Tools
2010-12-26 21:32 . 2010-12-14 13:00 21312 ----a-w- c:\windows\system32\authuitu.dll
2010-12-26 21:32 . 2010-12-14 13:00 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2010-12-08 19:31 . 2010-12-08 19:31 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin7.dll
2010-12-04 15:52 . 2010-12-10 11:45 -------- d-----w- c:\users\Heensche\AppData\Local\Thunderbird
2010-12-04 15:52 . 2010-12-04 15:52 -------- d-----w- c:\users\Heensche\AppData\Roaming\Thunderbird
2010-12-04 15:51 . 2010-12-11 14:04 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-12-02 16:41 . 2010-12-02 16:41 46592 ----a-w- c:\windows\system32\drivers\risdptsk.sys
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
(((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-14 13:05 . 2010-11-06 10:15 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2010-11-21 10:42 . 2010-11-21 10:42 68608 ----a-w- c:\windows\system32\drivers\rimsptsk.sys
2010-11-12 13:17 . 2010-07-16 20:50 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2010-11-12 13:17 . 2010-07-16 20:50 95600 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2010-11-12 13:17 . 2010-07-16 20:50 84264 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2010-11-12 13:17 . 2010-07-16 20:50 64304 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2010-11-12 13:17 . 2010-07-16 20:50 55840 ----a-w- c:\windows\system32\drivers\cfwids.sys
2010-11-12 13:17 . 2010-07-16 20:50 52104 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2010-11-12 13:17 . 2010-07-16 20:50 386840 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2010-11-12 13:17 . 2010-07-16 20:50 313288 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2010-11-12 13:17 . 2010-07-16 20:50 164840 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2010-11-12 13:17 . 2010-07-16 20:50 152960 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2010-11-06 09:17 . 2009-03-23 10:01 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-11-12 13:17 . 2010-07-16 20:50 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
.
(((((((((((((((((((((((((((( Registry Autostart Points ))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legitimate default entries are not shown.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"PowerSuite"="c:\program files\Uniblue\PowerSuite\launcher.exe" [2010-11-13 67448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-04-01 1180976]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-01-19 11:49 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKLM\~\startupfolder\C:^Users^Heensche^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^monmvr32.exe]
path=c:\users\Heensche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\monmvr32.exe
backup=c:\windows\pss\monmvr32.exe.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSUFloatingUI]
2008-12-21 22:30 274432 ----a-w- c:\program files\sony\Network Utility\LANUtil.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-03-10 02:43 835584 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMSwitch]
2009-02-04 16:01 538472 ----a-w- c:\program files\sony\VAIO Mode Switch\VMSwitch.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Ayehecahexofipu"=rundll32.exe "c:\users\Heensche\AppData\Local\dsDPLapl.dll",Startup
"Hwuyasuxomodo"=rundll32.exe "c:\users\Heensche\AppData\Local\uzobezudana.dll",Startup
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe"
"MarketingTools"=c:\program files\Sony\Marketing Tools\MarketingTools.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
R2 McMPFSvc;McAfee Personal Firewall;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2009-12-14 271480]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-11-12 188136]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-02-09 29736]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-11-12 55840]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-11-12 313288]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-11-12 84264]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2009-08-28 17408]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-02-05 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-02-05 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-02-05 390440]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-02-05 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-02-05 91432]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-01-19 394536]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-01-16 83240]
S0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\DRIVERS\shpf.sys [2008-08-26 23712]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2010-11-12 64304]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-11-12 164840]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2009-12-14 271480]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-11-12 141792]
S2 NSUService;NSUService;c:\program files\sony\Network Utility\NSUService.exe [2008-12-21 303104]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService.exe [2009-01-06 109088]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-12-14 1517376]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-12-19 415592]
S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-01-14 5184872]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-08-28 3664384]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-11-19 9344]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
--- Other Services/Drivers In Memory ---
*Deregistered* - mfeavfk01
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=SNYT
uInternet Settings,ProxyOverride = *.local
IE: Send picture to &Bluetooth device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Heensche\AppData\Roaming\Mozilla\Firefox\Profiles\7nmdqxx8.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - Orphaned Registry Entries Removed - - - -
MSConfigStartUp-RtHDVCpl - c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
MSConfigStartUp-Spyware Doctor - c:\users\Heensche\Desktop\sdsetup.exe
MSConfigStartUp-{FCA2D4C8-766A-CF6A-82C3-415C58E4D817} - c:\users\Heensche\AppData\Roaming\Pahexe\amit.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2010-12-27 18:46
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- Locked Registry Keys ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000042
.
Completion time: 2010-12-27 18:48:43
ComboFix-quarantined-files.txt 2010-12-27 17:48
Pre-Run: 9 directories, 227,642,589,184 bytes free
Post-Run: 14 directories, 227,586,877,440 bytes free
- - End Of File - - 397221298C3C65BB1E43C7BC1310F36C
--- --- ---
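A triage helper, added here as an illustration and not part of this post or of ComboFix: it parses the registry autostart, Startup-folder, MSConfig and Firefox user.js lines the way ComboFix prints them and flags the patterns worth a second look in the log above (rundll32 loading a DLL from the user profile, an autostart binary under AppData, an executable dropped in the Startup folder, an unquoted Run command containing spaces, and user.js prefs that silence Firefox's mixed-content and insecure-submit warnings). The sample input is a handful of lines copied from the log; the USER_WRITABLE directory list and the WEAK_FF_PREFS set are my own assumptions, and a flag is a reason to inspect the file, not a malware verdict.

```python
import re

# Constructed input: autostart, Startup-folder, MSConfig and Firefox lines copied
# verbatim from the ComboFix log in this post (not a live log).
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
[HKLM\~\startupfolder\C:^Users^Heensche^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^monmvr32.exe]
path=c:\users\Heensche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\monmvr32.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Ayehecahexofipu"=rundll32.exe "c:\users\Heensche\AppData\Local\dsDPLapl.dll",Startup
"Hwuyasuxomodo"=rundll32.exe "c:\users\Heensche\AppData\Local\uzobezudana.dll",Startup
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"MarketingTools"=c:\program files\Sony\Marketing Tools\MarketingTools.exe
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_submit_insecure - false
MSConfigStartUp-{FCA2D4C8-766A-CF6A-82C3-415C58E4D817} - c:\users\Heensche\AppData\Roaming\Pahexe\amit.exe
"""

KEY_RE = re.compile(r'^\[(.+)\]$')                        # [HKEY_...\Run]
VALUE_RE = re.compile(r'^"([^"]+)"=(.+)$')                # "Name"=command
STARTUP_PATH_RE = re.compile(r'^path=(.+)$')              # Startup-folder item
MSCONFIG_RE = re.compile(r'^MSConfigStartUp-(\S+) - (.+)$')
FF_PREF_RE = re.compile(r'^FF - user\.js: (\S+) - (.+)$')
TRAILER_RE = re.compile(r'\s+\[\d{4}-\d{2}-\d{2} \d+\]$')  # ComboFix "[date size]" suffix

# Assumption: directories a non-admin user can write to. Legitimate autostarts on
# this Vista box live under c:\program files or c:\windows instead.
USER_WRITABLE = ('\\appdata\\local\\', '\\appdata\\roaming\\', '\\temp\\', '\\users\\public\\')

# Firefox prefs whose listed value silences a built-in security warning (assumed set).
WEAK_FF_PREFS = {
    'security.warn_viewing_mixed': 'false',    # no mixed-content warning
    'security.warn_submit_insecure': 'false',  # no warning on plain-HTTP form submit
}


def parse_entries(text):
    """Return (key, name, command) for every autostart entry in a ComboFix log."""
    entries, key = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if (m := KEY_RE.match(line)):
            key = m.group(1)
        elif (m := VALUE_RE.match(line)) and key:
            entries.append((key, m.group(1), TRAILER_RE.sub('', m.group(2))))
        elif (m := STARTUP_PATH_RE.match(line)) and key and 'startupfolder' in key.lower():
            entries.append((key, 'startupfolder', m.group(1)))
        elif (m := MSCONFIG_RE.match(line)):
            entries.append(('MSConfigStartUp', m.group(1), m.group(2)))
    return entries


def flag_entry(key, name, command):
    """Heuristic reasons an autostart entry deserves a closer look (not a verdict)."""
    reasons, cmd = [], command.lower()
    in_profile = any(d in cmd for d in USER_WRITABLE)
    if 'rundll32' in cmd and in_profile:
        reasons.append('rundll32 loads a DLL from a user-writable profile path')
    elif in_profile:
        reasons.append('autostart binary lives in a user-writable profile path')
    if 'startupfolder' in key.lower():
        reasons.append('executable placed in the Startup folder')
    # Unquoted Run-key command whose first token is a path containing a space:
    # CreateProcess tries c:\program.exe before the real binary.
    if '\\run' in key.lower() and not command.startswith('"'):
        head = command.split(' ', 1)[0]
        if '\\' in head and ' ' in command:
            reasons.append('unquoted command line with spaces (search-path hijack candidate)')
    return reasons


def triage(text):
    """Return [(name, command, reasons)] for every entry that triggers a heuristic."""
    return [(name, cmd, r) for key, name, cmd in parse_entries(text)
            if (r := flag_entry(key, name, cmd))]


def weak_firefox_prefs(text):
    """Return the user.js prefs in the log that disable a security warning."""
    found = []
    for raw in text.splitlines():
        m = FF_PREF_RE.match(raw.strip())
        if m and WEAK_FF_PREFS.get(m.group(1)) == m.group(2):
            found.append(m.group(1))
    return found


if __name__ == '__main__':
    for name, cmd, reasons in triage(SAMPLE_LOG):
        print(f'{name}: {cmd}\n    ' + '; '.join(reasons))
    for pref in weak_firefox_prefs(SAMPLE_LOG):
        print(f'weakened Firefox pref: {pref}')
```

Run it as a script to print the flagged entries; on a real case you would feed it the contents of ComboFix.txt instead of SAMPLE_LOG. Both disabled "run-" entries, the Startup-folder executable, the MSConfig leftover under AppData\Roaming and the unquoted MarketingTools command come out flagged, while the quoted Program Files entries do not. Confirm an "unquoted" flag against the actual registry value before acting on it.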