
Log analysis and evaluation: Files disappearing, computer slow, programs crash constantly

27.02.2011, 00:07   #1
Abras

Good evening, everyone,
as described above, I am having problems with disappearing files and with programs that are slow and prone to crashing.
Windows Explorer in particular likes to hang.

I didn't find much help on Google and eventually ended up here, hoping for help.


The results from Anti-Malware:

Quote:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5883

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019

26.02.2011 19:28:21
mbam-log-2011-02-26 (19-28-20).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 400610
Laufzeit: 3 Stunde(n), 21 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 11
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 4
Infizierte Dateien: 12

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6FD31ED6-7C94-4BBC-8E95-F927F4D3A949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HBMain.CommBand (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HBMain.CommBand.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.HbMain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.HbMain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostIE.Bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HostIE.Bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.HtmlMenuUI (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.HtmlMenuUI.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.ToolbarCtl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Toolbar.ToolbarCtl.1 (Adware.Zango) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\Zango 10.3.75.0 (Adware.Zango) -> Value: Zango 10.3.75.0 -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Users\Lukas\AppData\Roaming\privacy components (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.
c:\Users\Lukas\AppData\Roaming\privacy components\dbases (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.
c:\Users\Lukas\AppData\Roaming\privacy components\keys (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.
c:\Users\Lukas\AppData\Roaming\privacy components\temp (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\Users\Lukas\AppData\Roaming\privacy components\dbases\cg.dat (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.
c:\Users\Lukas\AppData\Roaming\privacy components\dbases\mw.dat (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.
c:\Users\Lukas\AppData\Roaming\privacy components\dbases\rd.dat (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.
c:\Users\Lukas\AppData\Roaming\privacy components\dbases\sc.dat (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.
c:\Users\Lukas\AppData\Roaming\privacy components\dbases\sm.dat (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.
c:\Users\Lukas\AppData\Roaming\privacy components\dbases\sp.dat (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.
c:\Users\Lukas\AppData\Roaming\privacy components\keys\cg.key (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.
c:\Users\Lukas\AppData\Roaming\privacy components\keys\rd.key (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.
c:\Users\Lukas\AppData\Roaming\privacy components\keys\sc.key (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.
c:\Users\Lukas\AppData\Roaming\privacy components\keys\sp.key (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.
c:\Users\Lukas\AppData\Roaming\privacy components\temp\settings.ini (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.
c:\Users\Lukas\AppData\Roaming\privacy components\temp\spfilter (Rogue.PrivacyComponents) -> Quarantined and deleted successfully.

I hope everything goes smoothly, and thank you in advance for the answers and tips!

27.02.2011, 21:38   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Are there any other logs from Malwarebytes? If so, please post all of them. You will find them in the "Logdateien" (Logs) tab in Malwarebytes.

27.02.2011, 23:14   #3
Abras

No, that is the only log I found.
Did I do something wrong when scanning?
Kind regards

27.02.2011, 23:19   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

No, I just wanted to know whether you have any more logs from MBAM
__________________
Please always post log files in CODE tags

27.02.2011, 23:35   #5
Abras

Oh, I see. No, that was my first one.


28.02.2011, 10:47   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Close all programs, start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied too!!!)

Code:
:OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 18:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{43c5681b-e951-11dd-bf03-001377a9e3c7}\Shell - "" = AutoRun
O33 - MountPoints2\{43c5681b-e951-11dd-bf03-001377a9e3c7}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{7a635b50-8427-11de-997c-001377a9e3c7}\Shell - "" = AutoRun
O33 - MountPoints2\{7a635b50-8427-11de-997c-001377a9e3c7}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{c6197c46-e0ee-11dd-b8b9-001377a9e3c7}\Shell - "" = AutoRun
O33 - MountPoints2\{c6197c46-e0ee-11dd-b8b9-001377a9e3c7}\Shell\AutoRun\command - "" = G:\laucher.exe
O33 - MountPoints2\{fbf85bf4-6467-11de-a85d-001377a9e3c7}\Shell - "" = AutoRun
O33 - MountPoints2\{fbf85bf4-6467-11de-a85d-001377a9e3c7}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
:Commands
[purity]
[resethosts]
[emptytemp]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created in the "_OTL" folder on the system partition.

28.02.2011, 18:33   #7
Abras

I did that, and this is the result:

Quote:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43c5681b-e951-11dd-bf03-001377a9e3c7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43c5681b-e951-11dd-bf03-001377a9e3c7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43c5681b-e951-11dd-bf03-001377a9e3c7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43c5681b-e951-11dd-bf03-001377a9e3c7}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a635b50-8427-11de-997c-001377a9e3c7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7a635b50-8427-11de-997c-001377a9e3c7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a635b50-8427-11de-997c-001377a9e3c7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7a635b50-8427-11de-997c-001377a9e3c7}\ not found.
File G:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c6197c46-e0ee-11dd-b8b9-001377a9e3c7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c6197c46-e0ee-11dd-b8b9-001377a9e3c7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c6197c46-e0ee-11dd-b8b9-001377a9e3c7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c6197c46-e0ee-11dd-b8b9-001377a9e3c7}\ not found.
File G:\laucher.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fbf85bf4-6467-11de-a85d-001377a9e3c7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fbf85bf4-6467-11de-a85d-001377a9e3c7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fbf85bf4-6467-11de-a85d-001377a9e3c7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fbf85bf4-6467-11de-a85d-001377a9e3c7}\ not found.
File H:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ not found.
File H:\LaunchU3.exe -a not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Lukas
->Temp folder emptied: 5418365 bytes
->Temporary Internet Files folder emptied: 50788138 bytes
->Java cache emptied: 57801423 bytes
->FireFox cache emptied: 63995604 bytes
->Google Chrome cache emptied: 5854284 bytes
->Flash cache emptied: 8445 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 213010 bytes
RecycleBin emptied: 1271599319 bytes

Total Files Cleaned = 1.388,00 mb


OTL by OldTimer - Version 3.2.21.0 log created on 02282011_142137

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Kind regards!

28.02.2011, 20:41   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. Rename it to cofi.exe while downloading.
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, carry out the updates (if suggested), install the Recovery Console (if suggested) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run if a qualified helper (Kompetenzler) has expressly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

01.03.2011, 17:53   #9
Abras

ComboFix log file:
Code:
ComboFix 11-02-28.02 - Lukas 28.02.2011  23:25:41.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3066.1753 [GMT -3:00]
ausgeführt von:: c:\users\Lukas\Pictures\Desktop\Desktop\cofi.exe.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Toolbar
c:\program files\Toolbar\tbuTor.dll
c:\ps3themecreator\PS3ThemeCreator.exe
c:\windows\system32\system32
c:\windows\system32\system32\cis-2.4.dll
c:\windows\system32\system32\issacapi_bs-2.3.dll
c:\windows\system32\system32\issacapi_pe-2.3.dll
c:\windows\system32\system32\issacapi_se-2.3.dll
c:\windows\system32\system32\MACXMLProto.dll
c:\windows\system32\system32\MaDRM.dll
c:\windows\system32\system32\MaJGUILib.dll
c:\windows\system32\system32\MaJUtilLib.dll
c:\windows\system32\system32\MAMACExtract.dll
c:\windows\system32\system32\MASetupCaller.dll
c:\windows\system32\system32\MASetupCleaner.exe
c:\windows\system32\system32\MaXMLProto.dll
c:\windows\system32\system32\MK_Lyric.dll
c:\windows\system32\system32\MSCLib.dll
c:\windows\system32\system32\MSFLib.dll
c:\windows\system32\system32\MSLUR71.dll
c:\windows\system32\system32\msvcp60.dll
c:\windows\system32\system32\MTTELECHIP.dll
c:\windows\system32\system32\MTXSYNCICON.dll
c:\windows\system32\system32\muzaf1.dll
c:\windows\system32\system32\muzapp.dll
c:\windows\system32\system32\muzapp.exe
c:\windows\system32\system32\muzdecode.ax
c:\windows\system32\system32\muzeffect.ax
c:\windows\system32\system32\muzmp4sp.ax
c:\windows\system32\system32\muzmpgsp.ax
c:\windows\system32\system32\muzoggsp.ax
c:\windows\system32\system32\muzwmts.dll
c:\windows\system32\system32\psapi.dll

.
(((((((((((((((((((((((   Dateien erstellt von 2011-02-01 bis 2011-03-01  ))))))))))))))))))))))))))))))
.

2011-03-01 02:52 . 2011-03-01 02:52	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-03-01 02:08 . 2011-03-01 02:08	--------	d-----w-	c:\users\Lukas\AppData\Roaming\Avira
2011-03-01 02:00 . 2011-01-10 17:23	135096	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-03-01 02:00 . 2011-01-10 17:23	61960	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2011-03-01 01:59 . 2011-03-01 01:59	--------	d-----w-	c:\programdata\Avira
2011-03-01 01:59 . 2011-03-01 01:59	--------	d-----w-	c:\program files\Avira
2011-02-28 17:21 . 2011-02-28 17:21	--------	d-----w-	C:\_OTL
2011-02-26 22:56 . 2011-02-26 22:56	--------	d-----w-	c:\program files\7-Zip
2011-02-26 14:59 . 2011-02-11 06:54	5943120	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FADCD24D-7294-4BB0-9B79-E29DDD0193CA}\mpengine.dll
2011-02-26 14:55 . 2011-02-26 14:55	--------	d-----w-	c:\users\Lukas\AppData\Roaming\Malwarebytes
2011-02-26 14:55 . 2011-02-26 14:55	--------	d-----w-	c:\programdata\Malwarebytes
2011-02-26 14:55 . 2010-12-20 21:09	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-26 14:55 . 2011-02-26 14:55	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-02-26 14:55 . 2010-12-20 21:08	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-02-10 17:14 . 2011-01-06 10:51	2409784	----a-w-	c:\program files\Windows Mail\OESpamFilter.dat
2011-02-10 17:13 . 2011-01-08 08:47	34304	----a-w-	c:\windows\system32\atmlib.dll
2011-02-10 17:13 . 2011-01-08 06:28	292352	----a-w-	c:\windows\system32\atmfd.dll
2011-02-10 16:59 . 2011-02-10 16:59	--------	d-----w-	c:\program files\Veetle
2011-02-01 15:16 . 2011-02-01 15:16	1629	----a-w-	c:\programdata\xml731F.tmp
2011-02-01 15:16 . 2011-02-01 15:16	13919	----a-w-	c:\programdata\xml7070.tmp
2011-02-01 15:16 . 2011-02-01 15:16	7291	----a-w-	c:\programdata\xml6400.tmp
2011-02-01 15:13 . 2011-02-01 15:13	--------	d-----w-	c:\program files\SiSoftware
2011-01-31 20:27 . 2006-11-29 15:06	3426072	----a-w-	c:\windows\system32\d3dx9_32.dll
2011-01-31 20:23 . 2008-07-12 10:18	467984	----a-w-	c:\windows\system32\d3dx10_39.dll
2011-01-31 20:23 . 2008-07-12 10:18	1493528	----a-w-	c:\windows\system32\D3DCompiler_39.dll
2011-01-31 20:23 . 2008-07-12 10:18	3851784	----a-w-	c:\windows\system32\D3DX9_39.dll
2011-01-31 19:56 . 2011-01-31 19:57	85465960	----a-w-	c:\program files\Common Files\Windows Live\.cache\wlcA056.tmp

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-03 00:40 . 2010-08-11 17:47	472808	----a-w-	c:\windows\system32\deployJava1.dll
2011-02-02 20:11 . 2009-10-03 15:43	222080	------w-	c:\windows\system32\MpSigStub.exe
2011-01-09 17:45 . 2011-01-09 17:45	1222408	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-12-28 15:55 . 2011-01-13 19:46	413696	----a-w-	c:\windows\system32\odbc32.dll
2010-12-14 14:49 . 2011-01-13 18:31	1169408	----a-w-	c:\windows\system32\sdclt.exe
2010-12-02 18:07 . 2008-10-30 15:16	98304	----a-w-	c:\windows\system32\CmdLineExt.dll
.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-29 00:44	1400712	----a-w-	c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-17 2289664]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"Eraser"="c:\program files\Eraser\Eraser.exe" [2009-06-10 334224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-17 6111232]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-26 1029416]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"Prolific2571_OneButton"="c:\program files\Prolific\PL2571 One Button\OneBtn.exe" [2007-04-12 33280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"USB Storage Toolbox"="c:\windows\UMStor\Res.EXE" [2005-09-14 65536]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-27 13548064]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-27 92704]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]

c:\users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AutoStart IR.lnk - c:\program files\WinTV\Ir.exe [2008-12-26 110647]
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-2-12 723496]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-09-20 136176]
R3 ADDMEM;ADDMEM;c:\windows\TEMP\__Samsung_Update\ADDMEM.SYS [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-09 36608]
R3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\Drivers\hcw95bda.sys [2008-09-09 562176]
R3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\DRIVERS\hcw95rc.sys [2008-09-09 15616]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32-Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-05-20 3663360]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011c\RpcAgentSrv.exe [2009-08-10 93848]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-01-23 717296]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-01-10 135336]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
S2 KMDFMEMIO;SAMSUNG Kernel Driver;c:\windows\system32\DRIVERS\kmdfmemio.sys [2007-05-23 13312]
S2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe [2005-03-09 18944]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2005-03-09 33792]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-08-06 44576]
S3 VMC302;Vimicro Camera Service VMC302;c:\windows\system32\Drivers\VMC302.sys [2008-04-05 242560]


--- Andere Dienste/Treiber im Speicher ---

*NewlyCreated* - SSMDRV

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs	REG_MULTI_SZ   	BthServ
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-17 08:56	451872	----a-w-	c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners

2011-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-20 21:18]

2011-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-20 21:18]

2011-03-01 c:\windows\Tasks\SupBackGroundTask.job
- c:\program files\Samsung\Samsung Update Plus\SUPBackGround.exe [2008-10-27 12:26]

2011-03-01 c:\windows\Tasks\User_Feed_Synchronization-{F83BEA13-D985-40C6-A0BB-D29AC2FF9C05}.job
- c:\windows\system32\msfeedssync.exe [2011-02-10 04:47]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to Mp3 Converter - c:\users\Lukas\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Save YouTube Video - c:\program files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
FF - ProfilePath - c:\users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\88dlwd5z.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://g1.globo.com/tecnologia/games/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SPC2&o=15000&locale=de_BR&apn_uid=33CED347-53EF-4A3C-A9E1-37A7B22BFD41&apn_ptnrs=PV&apn_sauid=35F41ADF-D491-4CA8-9E26-25CAD719A706&apn_dtid=YYYYYYYYBR&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Google Gears: {000a9d1c-beef-4f90-9363-039d445309b8} - c:\program files\Google\Google Gears\Firefox
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Ant Video Downloader: anttoolbar@ant.com - %profile%\extensions\anttoolbar@ant.com
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: vShare Plugin: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: TVU Web Player: firefox@tvunetworks.com - %profile%\extensions\firefox@tvunetworks.com
FF - Ext: Sopcast Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

URLSearchHooks-{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - (no file)
WebBrowser-{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - (no file)
HKCU-Run-KiesTrayAgent - (no file)
AddRemove-Fallout New Vegas_is1 - d:\dennis zocks\Fallout New Vegas\unins000.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-02-28 23:52
Windows 6.0.6002 Service Pack 2 NTFS

Scanne versteckte Prozesse... 

Scanne versteckte Autostarteinträge... 

Scanne versteckte Dateien... 

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-3363844151-3433124705-758453244-1003\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:62,8e,cf,40,b6,71,e5,dd,4d,6a,c2,52,5d,cd,ba,1a,f8,90,97,a6,b6,
   dd,31,df,73,dd,82,b7,45,9d,ce,8f,19,30,53,ce,06,a3,28,50,9c,90,10,a6,51,b5,\
"rkeysecu"=hex:54,53,37,d5,4a,6e,2d,5b,c1,2d,bf,7e,0c,6b,e5,a6

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2011-02-28  23:56:24
ComboFix-quarantined-files.txt  2011-03-01 02:56

Vor Suchlauf: 17 Verzeichnis(se), 13.793.214.464 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 13.633.642.496 Bytes frei

- - End Of File - - 0E43918C1EE9C9F0976E3B0F3368AC44
         
--- --- ---



Was that it, or is there more to come?
Best regards!

Alt 01.03.2011, 21:37   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



OK. Please now create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool refuses to work the second time as well, just leave it out and run only OSAM. Please skip OSAM's online check.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.


After that, please download MBRCheck (by a_d_13) and save the file to the desktop.
  • Double-click MBRCheck.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool only needs a few seconds.
  • Afterwards you should find a MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document.
__________________
Please always post log files in CODE tags

Alt 04.03.2011, 20:17   #11
Abras
 



Hello, I'm back.
I already have a GMER log; should I now just post the OSAM log, or follow the whole set of instructions?
Kind regards!!


I'll go ahead and paste the logs in!!


OSAM:

OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 16:22:58 on 04.03.2011

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Google Inc. Google Chrome 0.0.0.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-3363844151-3433124705-758453244-1003Core.job" - "Google Inc." - C:\Users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-3363844151-3433124705-758453244-1003UA.job" - "Google Inc." - C:\Users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe
"SupBackGroundTask.job" - ? - C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe  (File found, but it contains no detailed information)

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
"iproset.cpl" - "Intel(R) Corporation" - C:\Windows\system32\iproset.cpl
"ISUSPM.cpl" - "Macrovision Corporation" - C:\Windows\system32\ISUSPM.cpl
"PhysX.cpl" - "NVIDIA Corporation" - C:\Windows\system32\PhysX.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL
"Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero8\Nero Toolkit\NeroBurnRights.cpl
"PROSet Tools" - "Intel(R) Corporation" - C:\Windows\System32\iPROSet.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"a3vce8j4" (a3vce8j4) - "Microsoft Corporation" - C:\Windows\system32\drivers\a3vce8j4.sys  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"ADDMEM" (ADDMEM) - ? - C:\Windows\TEMP\__Samsung_Update\ADDMEM.SYS  (File not found)
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\Users\Lukas\AppData\Local\Temp\catchme.sys  (File not found)
"dgderdrv" (dgderdrv) - ? - C:\Windows\System32\drivers\dgderdrv.sys  (File not found)
"FsUsbExDisk" (FsUsbExDisk) - ? - C:\Windows\system32\FsUsbExDisk.SYS  (File found, but it contains no detailed information)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"kglcapow" (kglcapow) - ? - C:\Users\Lukas\AppData\Local\Temp\kglcapow.sys  (Hidden registry entry, rootkit activity | File not found)
"LibUsb-Win32 - Kernel Driver, Version 0.1.10.1" (libusb0) - ? - C:\Windows\System32\drivers\libusb0.sys
"SANDRA" (SANDRA) - "SiSoftware" - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011c\WNt500x86\Sandra.sys
"SoundTap Recorder" (NCHSSVAD) - "NCH Swift Sound" - C:\Windows\System32\drivers\nchssvad.sys
"sptd" (sptd) - "Duplex Secure Ltd." - C:\Windows\System32\Drivers\sptd.sys  (File is exclusively opened, access blocked)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{10880D85-AAD9-4558-ABDC-2AB1552D831F} "LightScribe Control Panel" - "Hewlett-Packard Company" - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)
{8BE13461-936F-11D1-A87D-444553540000} "Eraser Shell Extension" - "-" - C:\Windows\System32\erasext.dll
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Windows\system32\btncopy.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll
{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll
{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "DAEMON Tools Toolbar" - ? - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" - ? -   (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
{00000000-6E41-4FD3-8538-502F5495E5FC} "UrlSearchHook Class" - "Ask" - C:\Program Files\Ask.com\GenericAskToolbar.dll
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -   (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"@btrez.dll,-4015" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
{0B4350D1-055F-47A3-B112-5F2F2B0D6F08} "ClsidExtension" - "Google Inc." - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
"ICQ7.2" - "ICQ, LLC." - C:\Program Files\ICQ7.2\ICQ.exe
"PokerStars.net" - "PokerStars" - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "DAEMON Tools Toolbar" - ? - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
{855F3B16-6D32-4FE6-8A56-BBB695989046} "ICQToolBar" - "ICQ" - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
<binary data> "Sopcast Ask Toolbar" - "Ask" - C:\Program Files\Ask.com\GenericAskToolbar.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} "AVG Safe Search" - ? - C:\Program Files\AVG\AVG8\avgssie.dll  (File not found)
{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} "Google Gears Helper" - "Google Inc." - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{D4027C7F-154A-4066-A1AD-4243D8127440} "Sopcast Ask Toolbar" - "Ask" - C:\Program Files\Ask.com\GenericAskToolbar.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? -   (File not found | COM-object registry key not found)

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"OpenOffice.org 2.4.lnk" - ? - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe  (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"AutoStart IR.lnk" - "Hauppauge Computer Works" - C:\Program Files\WinTV\Ir.exe  (Shortcut exists | File exists)
"BTTray.lnk" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"DAEMON Tools Lite" - "DT Soft Ltd" - "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
"Eraser" - "The Eraser Project" - C:\Program Files\Eraser\Eraser.exe -hide
"Google Update" - "Google Inc." - "C:\Users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"ISUSPM" - "Macrovision Corporation" - "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"LightScribe Control Panel" - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe"
"LanguageShortcut" - ? - "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
"NBKeyScan" - "Nero AG" - "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"Prolific2571_OneButton" - ? - C:\Program Files\Prolific\PL2571 One Button\OneBtn.exe
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"RemoteControl" - "Cyberlink Corp." - "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"USB Storage Toolbox" - "ali" - C:\Windows\UMStor\Res.EXE

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"HauppaugeTVServer" (HauppaugeTVServer) - "Hauppauge Computer Works" - C:\PROGRA~1\WinTV\TVServer\HAUPPA~1.EXE
"ICQ Service" (ICQ Service) - ? - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
"Intel® PROSet/Wireless Event Log" (EvtEng) - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
"Intel® PROSet/Wireless Registry Service" (RegSrvc) - "Intel(R) Corporation" - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"LibUsb-Win32 - Daemon, Version 0.1.10.1" (libusbd) - "hxxp://libusb-win32.sourceforge.net" - C:\Windows\System32\libusbd-nt.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Nero BackItUp Scheduler 3" (Nero BackItUp Scheduler 3) - "Nero AG" - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll
"NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"PLFlash DeviceIoControl Service" (PLFlash DeviceIoControl Service) - "Prolific Technology Inc." - C:\Windows\System32\IoctlSvc.exe
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll
"Samsung Update Plus" (Samsung Update Plus) - ? - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe  (File found, but it contains no detailed information)
"ServiceLayer" (ServiceLayer) - "Nokia." - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
"SiSoftware Deployment Agent Service" (SandraAgentSrv) - "SiSoftware" - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011c\RpcAgentSrv.exe
"SQL Server (MSSMLBIZ)" (MSSQL$MSSMLBIZ) - "Microsoft Corporation" - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
"SQL Server VSS Writer" (SQLWriter) - "Microsoft Corporation" - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
"SQL Server-Browser" (SQLBrowser) - "Microsoft Corporation" - C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
"SQL Server-Startdienst für Business Contact Manager" (BcmSqlStartupSvc) - "Microsoft Corporation" - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Edited by Abras (04.03.2011 at 20:32). Reason: forgot the logs

Alt 04.03.2011, 21:52   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
298 GB \\.\PhysicalDrive0 Unknown MBR code

SHA1: 898F3CF28E8EC7228D29035E39B672E205D702F2
An unknown MBR. So please run this tool from Kaspersky => http://www.trojaner-board.de/82358-t...entfernen.html

Alt 13.03.2011, 20:00   #13
Abras
 



Right, sorry for the delay, but I was on "vacation" for a week.

Here is the log:

Quote:
2011/03/13 15:58:22.0804 3040 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/13 15:58:23.0279 3040 ================================================================================
2011/03/13 15:58:23.0279 3040 SystemInfo:
2011/03/13 15:58:23.0279 3040
2011/03/13 15:58:23.0279 3040 OS Version: 6.0.6002 ServicePack: 2.0
2011/03/13 15:58:23.0279 3040 Product type: Workstation
2011/03/13 15:58:23.0279 3040 ComputerName: LUKAS-PC
2011/03/13 15:58:23.0279 3040 UserName: Lukas
2011/03/13 15:58:23.0279 3040 Windows directory: C:\Windows
2011/03/13 15:58:23.0279 3040 System windows directory: C:\Windows
2011/03/13 15:58:23.0280 3040 Processor architecture: Intel x86
2011/03/13 15:58:23.0280 3040 Number of processors: 2
2011/03/13 15:58:23.0280 3040 Page size: 0x1000
2011/03/13 15:58:23.0280 3040 Boot type: Normal boot
2011/03/13 15:58:23.0280 3040 ================================================================================
2011/03/13 15:58:23.0778 3040 Initialize success
2011/03/13 15:58:28.0332 1932 ================================================================================
2011/03/13 15:58:28.0332 1932 Scan started
2011/03/13 15:58:28.0332 1932 Mode: Manual;
2011/03/13 15:58:28.0332 1932 ================================================================================
2011/03/13 15:58:29.0821 1932 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/03/13 15:58:30.0015 1932 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2011/03/13 15:58:30.0078 1932 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2011/03/13 15:58:30.0140 1932 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2011/03/13 15:58:30.0186 1932 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2011/03/13 15:58:30.0350 1932 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2011/03/13 15:58:30.0462 1932 AgereSoftModem (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys
2011/03/13 15:58:30.0579 1932 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2011/03/13 15:58:30.0629 1932 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/03/13 15:58:30.0689 1932 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2011/03/13 15:58:30.0724 1932 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2011/03/13 15:58:30.0767 1932 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2011/03/13 15:58:30.0868 1932 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2011/03/13 15:58:30.0920 1932 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2011/03/13 15:58:31.0124 1932 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2011/03/13 15:58:31.0178 1932 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2011/03/13 15:58:31.0289 1932 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/03/13 15:58:31.0320 1932 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
2011/03/13 15:58:31.0418 1932 athr (44362605f5fff00c9b7696b47680a8c5) C:\Windows\system32\DRIVERS\athr.sys
2011/03/13 15:58:31.0553 1932 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/03/13 15:58:31.0589 1932 avipbb (da39805e2bad99d37fce9477dd94e7f2) C:\Windows\system32\DRIVERS\avipbb.sys
2011/03/13 15:58:31.0653 1932 bcm4sbxp (08015d34f6fdd0b355805bad978497c3) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
2011/03/13 15:58:31.0756 1932 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/03/13 15:58:31.0831 1932 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2011/03/13 15:58:31.0960 1932 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2011/03/13 15:58:32.0001 1932 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/03/13 15:58:32.0041 1932 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/03/13 15:58:32.0139 1932 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/03/13 15:58:32.0170 1932 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/03/13 15:58:32.0206 1932 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/03/13 15:58:32.0231 1932 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/03/13 15:58:32.0325 1932 BthEnum (da7b195275bda7f8fcf79b40e0f45dde) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/03/13 15:58:32.0379 1932 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/03/13 15:58:32.0471 1932 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
2011/03/13 15:58:32.0529 1932 BTHPORT (671134053d59e23704f08db19f11e10b) C:\Windows\system32\Drivers\BTHport.sys
2011/03/13 15:58:32.0570 1932 BTHUSB (93d7007e2c660dfcca6ae72622740b14) C:\Windows\system32\Drivers\BTHUSB.sys
2011/03/13 15:58:32.0670 1932 btwaudio (3ea1a20dc0ca1ad23e7aa8c37a91bcd1) C:\Windows\system32\drivers\btwaudio.sys
2011/03/13 15:58:52.0559 1932 ================================================================================
2011/03/13 15:58:52.0559 1932 Scan finished
2011/03/13 15:58:52.0559 1932 ================================================================================
Best regards!

14.03.2011, 09:36   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!
__________________
Please always post log files in CODE tags

22.03.2011, 02:04   #15
Abras
 

Quote:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 03/19/2011 at 06:47 PM

Application Version : 4.50.1002

Core Rules Database Version : 6634
Trace Rules Database Version: 4446

Scan type : Quick Scan
Total Scan Time : 00:19:47

Memory items scanned : 748
Memory threats detected : 0
Registry items scanned : 2656
Registry threats detected : 0
File items scanned : 9583
File threats detected : 128

Adware.Tracking Cookie
.clickon.com.br [ C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.clickon.com.br [ C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.clickon.com.br [ C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
www.clickon.com.br [ C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
media1.break.com [ C:\Users\Lukas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LKHDETFY ]
s0.2mdn.net [ C:\Users\Lukas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LKHDETFY ]
secure-us.imrworldwide.com [ C:\Users\Lukas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LKHDETFY ]
www.naiadsystems.com [ C:\Users\Lukas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\LKHDETFY ]

Quote:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: SAMSUNG ELECTRONICS CO., LTD.
BIOS Manufacturer: Phoenix Technologies Ltd.
System Manufacturer: SAMSUNG ELECTRONICS CO., LTD.
System Product Name: R510/P510
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 142):

Processes (total 99):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`80100000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000026`85d00000 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS543232L9A300, Rev: FB4OC40C

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 898F3CF28E8EC7228D29035E39B672E205D702F2


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:


Kind regards!!
