Pests of all kinds and how to fight them: Problem: text missing, e.g. in Task Manager | Windows 7 |
19.03.2011, 13:40 | #1 |
| Hello, my problem is that the text, and also the Task Manager in general, has changed a little. You can see the details in the screenshot I uploaded as an attachment. So far I have googled my problem and found a few possible causes, which I have already eliminated, such as uninstalling Avira, but unfortunately that did not help either. After further searching I came across this forum and am asking for your help with my problem. I am also about 75% sure that I have caught a trojan, because I use FileZilla and there was apparently a trojan on an FTP server, which got onto it via another user of the server. The log file of the OTL scan is also attached. Thanks in advance for your help; I hope you can help me further. |
19.03.2011, 14:02 | #2 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
Quote:
What kind of program did you download via FileZilla, from where, and what was it for? Are there any further logs? From Malwarebytes? If so, please post all of them that are visible in the Logs tab in Malwarebytes. |
19.03.2011, 19:46 | #3 | |||
| Quote:
Quote:
Quote:
Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6100
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019
19.03.2011 19:46:01
mbam-log-2011-03-19 (19-46-01).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 140571
Laufzeit: 7 Minute(n), 31 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden) |
20.03.2011, 12:07 | #4 | ||||
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
Quote:
I understood it to mean that you downloaded a dubious file from a server with FileZilla! That was not the case, or was it? Quote:
Quote:
Remember that Malwarebytes must be updated manually before every scan! If logs from older Malwarebytes scans exist, please post all of those as well!
__________________ Please always post log files in CODE tags |
20.03.2011, 18:58 | #5 | |||
| Quote:
Quote:
Quote:
Malwarebytes full scan: Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6110
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019
20.03.2011 15:53:43
mbam-log-2011-03-20 (15-53-42).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|G:\|)
Durchsuchte Objekte: 277472
Laufzeit: 1 Stunde(n), 47 Minute(n), 58 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden) |
20.03.2011, 19:52 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html |
20.03.2011, 20:29 | #7 |
| Code: |
21.03.2011, 10:12 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Problem: text missing, e.g. in Task Manager Then please run CF now: ComboFix: a guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper (Kompetenzler) has expressly recommended it!
__________________ Please always post log files in CODE tags |
21.03.2011, 15:04 | #9 |
| Problem: text missing, e.g. in Task Manager Code:
ATTFilter ComboFix 11-03-19.06 - *** 21.03.2011 14:32:55.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.2045.1209 [GMT 1:00] ausgeführt von:: c:\users\***\Desktop\cofi.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((( Dateien erstellt von 2011-02-21 bis 2011-03-21 )))))))))))))))))))))))))))))) . . 2011-03-21 13:41 . 2011-03-21 13:41 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-03-21 13:12 . 2011-03-21 13:12 -------- d-----w- c:\program files\CCleaner 2011-03-19 20:09 . 2011-03-19 20:09 -------- d-----w- C:\PSP Theme Toolbox 2011-03-19 10:34 . 2011-03-19 10:34 -------- d-----w- c:\program files\ESET 2011-03-18 20:50 . 2011-03-18 20:50 -------- d-----w- c:\users\***\AppData\Roaming\Malwarebytes 2011-03-18 20:50 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-03-18 20:50 . 2011-03-18 20:50 -------- d-----w- c:\programdata\Malwarebytes 2011-03-18 20:50 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-03-18 20:50 . 2011-03-18 20:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-03-18 17:34 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{393ADE37-6769-4BF6-896C-BBD7949FDB3E}\mpengine.dll 2011-03-17 19:53 . 2011-03-17 19:53 -------- d-----w- c:\program files\Microsoft Silverlight 2011-03-17 17:46 . 2011-02-23 14:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-03-17 17:46 . 2011-02-23 14:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-03-17 17:46 . 2011-02-23 14:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-03-17 17:46 . 2011-02-23 14:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-03-17 17:46 . 
2011-02-23 14:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-03-17 17:46 . 2011-02-23 14:55 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-03-17 17:45 . 2011-02-23 15:04 40648 ----a-w- c:\windows\avastSS.scr 2011-03-17 17:45 . 2011-02-23 15:04 190016 ----a-w- c:\windows\system32\aswBoot.exe 2011-03-17 17:45 . 2011-03-17 17:45 -------- d-----w- c:\programdata\AVAST Software 2011-03-17 17:45 . 2011-03-17 17:45 -------- d-----w- c:\program files\AVAST Software 2011-03-17 16:02 . 2011-03-18 18:30 -------- d-----w- c:\program files\SmartFTP Client 4.0 Setup Files 2011-03-12 00:13 . 2010-07-30 19:21 32768 ----a-w- c:\windows\system32\CTFtoolDrop.dll 2011-03-12 00:13 . 2010-12-09 20:57 40960 ----a-w- c:\windows\system32\CTFtoolMenu.dll 2011-03-10 16:10 . 2006-11-05 04:58 61440 ----a-w- C:\vinverse.dll 2011-03-09 14:42 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll 2011-03-09 14:42 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll 2011-03-09 14:42 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll 2011-03-09 14:42 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax 2011-03-09 14:42 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll 2011-03-09 14:42 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe 2011-03-08 20:05 . 2011-03-08 20:05 -------- d-----w- c:\program files\SopCast 2011-03-07 20:37 . 2011-03-07 20:37 -------- d-----w- c:\users\***\AppData\Roaming\FFSJ 2011-03-02 22:54 . 2011-03-02 22:54 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2011-03-02 18:36 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll 2011-03-02 18:36 . 2008-11-10 10:41 32656 ----a-w- c:\windows\system32\msonpmon.dll 2011-03-02 18:33 . 2011-03-02 18:42 -------- d-----w- c:\program files\Microsoft Works 2011-03-02 18:29 . 2011-03-02 18:29 -------- d-----w- c:\windows\PCHEALTH 2011-03-02 18:26 . 
2011-03-02 18:26 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2011-03-02 18:25 . 2011-03-02 18:25 -------- d-----w- c:\users\***\AppData\Local\Microsoft Help 2011-03-02 18:24 . 2011-03-10 02:04 -------- d-----w- c:\programdata\Microsoft Help 2011-03-02 18:15 . 2011-03-02 18:15 -------- d-----r- C:\MSOCache 2011-02-28 17:51 . 2011-02-28 17:51 -------- d-----w- c:\program files\Common Files\Java 2011-02-24 00:37 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll 2011-02-20 15:53 . 2011-02-02 20:40 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-02-20 15:53 . 2011-02-28 17:51 -------- d-----w- c:\program files\Java . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-02-02 16:11 . 2010-12-08 15:04 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-01-20 16:37 . 2011-02-09 14:28 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2011-01-20 16:08 . 2011-02-09 14:28 478720 ----a-w- c:\windows\system32\dxgi.dll 2011-01-20 16:08 . 2011-02-09 14:28 219648 ----a-w- c:\windows\system32\d3d10_1core.dll 2011-01-20 16:08 . 2011-02-09 14:28 160768 ----a-w- c:\windows\system32\d3d10_1.dll 2011-01-20 16:08 . 2011-02-09 14:28 1029120 ----a-w- c:\windows\system32\d3d10.dll 2011-01-20 16:08 . 2011-02-09 14:28 189952 ----a-w- c:\windows\system32\d3d10core.dll 2011-01-20 16:07 . 2011-02-09 14:28 37376 ----a-w- c:\windows\system32\cdd.dll 2011-01-20 16:07 . 2011-02-09 14:28 258048 ----a-w- c:\windows\system32\winspool.drv 2011-01-20 16:07 . 2011-02-09 14:28 586240 ----a-w- c:\windows\system32\stobject.dll 2011-01-20 16:06 . 2011-02-09 14:28 2873344 ----a-w- c:\windows\system32\mf.dll 2011-01-20 16:06 . 2011-02-09 14:28 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll 2011-01-20 16:04 . 2011-02-09 14:28 209920 ----a-w- c:\windows\system32\mfplat.dll 2011-01-20 16:04 . 2011-02-09 14:28 98816 ----a-w- c:\windows\system32\mfps.dll 2011-01-20 14:28 . 
2011-02-09 14:28 1554432 ----a-w- c:\windows\system32\xpsservices.dll 2011-01-20 14:27 . 2011-02-09 14:28 876032 ----a-w- c:\windows\system32\XpsPrint.dll 2011-01-20 14:26 . 2011-02-09 14:28 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe 2011-01-20 14:25 . 2011-02-09 14:28 847360 ----a-w- c:\windows\system32\OpcServices.dll 2011-01-20 14:24 . 2011-02-09 14:28 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2011-01-20 14:24 . 2011-02-09 14:28 135680 ----a-w- c:\windows\system32\XpsRasterService.dll 2011-01-20 14:15 . 2011-02-09 14:28 979456 ----a-w- c:\windows\system32\MFH264Dec.dll 2011-01-20 14:14 . 2011-02-09 14:28 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll 2011-01-20 14:14 . 2011-02-09 14:28 302592 ----a-w- c:\windows\system32\mfmp4src.dll 2011-01-20 14:14 . 2011-02-09 14:28 261632 ----a-w- c:\windows\system32\mfreadwrite.dll 2011-01-20 14:12 . 2011-02-09 14:28 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2011-01-20 14:11 . 2011-02-09 14:28 486400 ----a-w- c:\windows\system32\d3d10level9.dll 2011-01-20 13:47 . 2011-02-09 14:28 683008 ----a-w- c:\windows\system32\d2d1.dll 2011-01-20 13:44 . 2011-02-09 14:28 1068544 ----a-w- c:\windows\system32\DWrite.dll 2011-01-20 13:44 . 2011-02-09 14:28 797184 ----a-w- c:\windows\system32\FntCache.dll 2011-01-08 08:47 . 2011-02-09 14:28 34304 ----a-w- c:\windows\system32\atmlib.dll 2011-01-08 06:28 . 2011-02-09 14:28 292352 ----a-w- c:\windows\system32\atmfd.dll 2010-12-31 13:57 . 2011-02-09 14:28 2039808 ----a-w- c:\windows\system32\win32k.sys 2010-12-28 15:55 . 2011-01-12 14:27 413696 ----a-w- c:\windows\system32\odbc32.dll 2010-12-22 21:57 . 2010-12-22 21:57 630784 ----a-w- C:\mvtools2.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-02-23 15:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-12-09 395128] "IDMan"="c:\users\***\Downloads\IDMan.exe" [2010-11-07 3257696] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2006-11-01 3772416] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-07-11 90112] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-10 35736] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496] . c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2011-1-30 576000] OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008] trayNotify.lnk - c:\program files\trayNotify\trayNotify.exe [2010-12-8 7091712] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . 
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-06-17 3890920] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R3 XDva370;XDva370;c:\windows\system32\XDva370.sys [x] R3 XDva375;XDva375;c:\windows\system32\XDva375.sys [x] R3 XDva380;XDva380;c:\windows\system32\XDva380.sys [x] R3 XDva383;XDva383;c:\windows\system32\XDva383.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592] S3 NETwLv32; Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows Vista 32-Bit;c:\windows\system32\DRIVERS\NETwLv32.sys [2010-10-07 6639616] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://start.icq.com/ IE: Download aller Links mit IDM - c:\users\***\Downloads\IEGetAll.htm IE: Download FLV-Videoinhalt mit IDM - c:\users\***\Downloads\IEGetVL.htm IE: Download mit IDM - c:\users\***\Downloads\IEExt.htm IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\vkr1bu5o.default\ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: avast! 
WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - c:\users\***\AppData\Roaming\IDM\idmmzcc3 FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2011-03-21 14:42 Windows 6.0.6002 Service Pack 2 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-3879987039-2819738337-1481357284-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):5e,8f,0f,cc,0d,ab,12,21,bf,d7,38,fb,35,5a,84,36,12,92,6a,d0,2c, 9b,ef,3f,dc,e4,0d,a1,fb,9b,2f,fd,c0,20,81,e0,72,d6,58,09,00,00,00,00,00,00,\ . [HKEY_USERS\S-1-5-21-3879987039-2819738337-1481357284-1000_Classes\CLSID\{90077b0d-cc9e-4ab8-9dd8-fb919c673a9f}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . Zeit der Fertigstellung: 2011-03-21 14:47:06 ComboFix-quarantined-files.txt 2011-03-21 13:47 . Vor Suchlauf: 9.084.833.792 Bytes frei Nach Suchlauf: 9.540.476.928 Bytes frei . - - End Of File - - 5EB948BF60B021B55AEA083ED1FAC8B2 |
21.03.2011, 15:59 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Problem: text missing, e.g. in Task Manager OK. Now please create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still refuses to work on the second try, just skip it and run only OSAM. Please skip OSAM's online query. With OSAM, please also make sure that you save the log as *.log and not as *.html or the like. After that, please download MBRCheck (by a_d_13) and save the file to the desktop.
__________________ Please always post log files in CODE tags |
21.03.2011, 16:51 | #11 |
| Problem: text missing, e.g. in Task Manager Unfortunately, GMER did not work. OSAM: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 16:46:14 on 21.03.2011 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Opera Software Opera Internet Browser 11.01 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL "Pando" - "Pando Networks" - C:\Program Files\Pando Networks\Media Booster\PMB.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\Windows\system32\drivers\aswFsBlk.sys "aswMonFlt" (aswMonFlt) - "AVAST Software" - C:\Windows\system32\drivers\aswMonFlt.sys "aswRdr" (aswRdr) - "AVAST Software" - C:\Windows\system32\drivers\aswRdr.sys "aswSnx" (aswSnx) - "AVAST Software" - C:\Windows\system32\drivers\aswSnx.sys "aswSP" (aswSP) - "AVAST Software" - C:\Windows\system32\drivers\aswSP.sys "avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\Windows\system32\drivers\aswTdi.sys "catchme" (catchme) - ? - C:\Users\***\AppData\Local\Temp\catchme.sys (File not found) "Driver for MagicISO SCSI Host Controller" (mcdbus) - "MagicISO, Inc." - C:\Windows\System32\DRIVERS\mcdbus.sys "EagleNT" (EagleNT) - ? - C:\Windows\system32\drivers\EagleNT.sys (File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? 
- C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "NPPTNT2" (NPPTNT2) - "INCA Internet Co., Ltd." - C:\Windows\system32\npptNT2.sys "XDva370" (XDva370) - ? - C:\Windows\system32\XDva370.sys (File not found) "XDva375" (XDva375) - ? - C:\Windows\system32\XDva375.sys (File not found) "XDva380" (XDva380) - ? - C:\Windows\system32\XDva380.sys (File not found) "XDva383" (XDva383) - ? - C:\Windows\system32\XDva383.sys (File not found) [Explorer] -----( HKCU\Software\Classes\Folder\shellex\ColumnHandlers )----- {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? 
- (File not found | COM-object registry key not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\ashShell.dll {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {913B3F0F-AB72-4223-82AD-D0F6531E06D2} "CTFtoolDrop.clsDropHandler" - "patpat" - C:\Windows\system32\CTFtoolDrop.dll {32CC64CC-ABCD-1234-A268-E22E334933D7} "CTFtool_Menu" - "patpat" - C:\Windows\system32\CTFtoolMenu.dll {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? 
- (File not found | COM-object registry key not found) {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll 
{8A56567E-A333-4843-B6E1-C3A262E41D8C} "HashPage Class" - "Beeblebrox.org" - C:\Program Files\HashTab Shell Extension\HashTab32.dll {B1883831-F0D8-4453-8245-EEAAD866DD6E} "HashTab Context Menu" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL {00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - (File not found | COM-object registry key not found) {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - (File not found | COM-object registry key not found) {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - (File not found | COM-object registry key not found) {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - (File not found | COM-object registry key not found) {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? 
- (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? - (File not found | COM-object registry key not found) {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? 
- (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "avast! WebRep" - ? - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} "avast! WebRep" - ? - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {0055C089-8582-441B-A0BF-17B458C2A3A8} "IDMIEHlprObj Class" - "Tonec Inc." - C:\Users\***\Downloads\IDMIECC.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "MagicDisc.lnk" - "MagicISO, Inc." - C:\Program Files\MagicDisc\MagicDisc.exe (Shortcut exists | File exists) "OpenOffice.org 3.2.lnk" - ? 
- C:\Program Files\OpenOffice.org 3\program\quickstart.exe (Shortcut exists | File found, but it contains no detailed information | File exists) "trayNotify.lnk" - "Dako-kun" - C:\Program Files\trayNotify\trayNotify.exe (Shortcut exists | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "IDMan" - "Tonec Inc." - C:\Users\***\Downloads\IDMan.exe /onboot "uTorrent" - "BitTorrent, Inc." - "C:\Program Files\uTorrent\uTorrent.exe" -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" "ATICCC" - ? - "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" (File found, but it contains no detailed information) "avast" - "AVAST Software" - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui "GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "avast! Antivirus" (avast! 
Antivirus) - "AVAST Software" - C:\Program Files\AVAST Software\Avast\AvastSvc.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe "nProtect GameGuard Service" (npggsvc) - "INCA Internet Co., Ltd." - C:\Windows\system32\GameMon.des "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows Vista Home Premium Edition Windows Information: Service Pack 2 (build 6002), 32-bit Base Board Manufacturer: FUJITSU SIEMENS BIOS Manufacturer: FUJITSU SIEMENS System Manufacturer: FUJITSU SIEMENS System Product Name: AMILO Xi 1554 Logical Drives Mask: 0x0000017c Kernel Drivers (total 152):
0x8CFC7000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x8CFDC000 \SystemRoot\system32\DRIVERS\termdd.sys 0x883AE000 \SystemRoot\system32\DRIVERS\mcdbus.sys 0x8CFEC000 \SystemRoot\system32\DRIVERS\swenum.sys 0x883CB000 \SystemRoot\system32\DRIVERS\ks.sys 0x8CFEE000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0x8C7E8000 \SystemRoot\system32\DRIVERS\umbus.sys 0x82F76000 \SystemRoot\system32\DRIVERS\usbhub.sys 0x82FAB000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x8D20A000 \SystemRoot\system32\DRIVERS\smserial.sys 0x8D301000 \SystemRoot\system32\drivers\modem.sys 0x8D40D000 \SystemRoot\system32\drivers\RTKVHDA.sys 0x8D59D000 \SystemRoot\system32\drivers\portcls.sys 0x8D5CA000 \SystemRoot\system32\drivers\drmk.sys 0x8D30E000 \SystemRoot\System32\Drivers\aswSnx.SYS 0x8D5EF000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0x8D5F8000 \SystemRoot\System32\Drivers\Null.SYS 0x8D400000 \SystemRoot\System32\Drivers\Beep.SYS 0x8D36C000 \SystemRoot\System32\drivers\vga.sys 0x8D378000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x8D399000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x8D3A1000 \SystemRoot\system32\drivers\rdpencdd.sys 0x8D3A9000 \SystemRoot\System32\Drivers\Msfs.SYS 0x8D3B4000 \SystemRoot\System32\Drivers\Npfs.SYS 0x8D3C2000 \SystemRoot\System32\DRIVERS\rasacd.sys 0x8D3CB000 \SystemRoot\system32\DRIVERS\tdx.sys 0x8D3E1000 \SystemRoot\System32\Drivers\aswTdi.SYS 0x8D3EB000 \SystemRoot\system32\DRIVERS\smb.sys 0x82D1A000 \SystemRoot\system32\drivers\afd.sys 0x8D407000 \SystemRoot\System32\Drivers\aswRdr.SYS 0x82FBC000 \SystemRoot\System32\DRIVERS\netbt.sys 0x82D62000 \SystemRoot\system32\DRIVERS\pacer.sys 0x82FEE000 \SystemRoot\system32\DRIVERS\netbios.sys 0x82D78000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x82D8B000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x8D200000 \SystemRoot\system32\drivers\nsiproxy.sys 0x82DC7000 \SystemRoot\System32\Drivers\dfsc.sys 0x8DA08000 \SystemRoot\System32\Drivers\aswSP.SYS 0x8DA50000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS 0x8DA65000 
\SystemRoot\system32\DRIVERS\USBD.SYS 0x8DA67000 \SystemRoot\System32\Drivers\crashdmp.sys 0x8DA74000 \SystemRoot\System32\Drivers\dump_diskdump.sys 0x8DA7E000 \SystemRoot\System32\Drivers\dump_viamraid.sys 0x8DA97000 \SystemRoot\System32\Drivers\BTHUSB.sys 0x8DAA4000 \SystemRoot\System32\Drivers\bthport.sys 0x8DB24000 \SystemRoot\system32\DRIVERS\hidusb.sys 0x8DB2D000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS 0x8DB3D000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS 0x8DB44000 \SystemRoot\system32\DRIVERS\mouhid.sys 0x8DB4C000 \SystemRoot\system32\DRIVERS\rfcomm.sys 0x8DB75000 \SystemRoot\system32\DRIVERS\BthEnum.sys 0x8DB7F000 \SystemRoot\system32\DRIVERS\bthpan.sys 0x95A20000 \SystemRoot\System32\win32k.sys 0x8DB99000 \SystemRoot\System32\drivers\Dxapi.sys 0x8DBA3000 \SystemRoot\system32\DRIVERS\monitor.sys 0x95C40000 \SystemRoot\System32\TSDDD.dll 0x95C60000 \SystemRoot\System32\cdd.dll 0x95C70000 \SystemRoot\System32\ATMFD.DLL 0x8DBB2000 \SystemRoot\system32\drivers\luafv.sys 0x9880E000 \??\C:\Windows\system32\drivers\aswMonFlt.sys 0x98846000 \SystemRoot\System32\Drivers\aswFsBlk.SYS 0x98851000 \SystemRoot\system32\drivers\spsys.sys 0x98901000 \SystemRoot\system32\DRIVERS\lltdio.sys 0x98911000 \SystemRoot\system32\DRIVERS\nwifi.sys 0x9893B000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0x98945000 \SystemRoot\system32\DRIVERS\rspndr.sys 0x98958000 \SystemRoot\system32\drivers\HTTP.sys 0x989C5000 \SystemRoot\System32\DRIVERS\srvnet.sys 0x989E2000 \SystemRoot\system32\DRIVERS\bowser.sys 0x8DBCD000 \SystemRoot\System32\drivers\mpsdrv.sys 0x885C4000 \SystemRoot\system32\drivers\mrxdav.sys 0x82DDE000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0x9B600000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0x9B639000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0x9B651000 \SystemRoot\System32\DRIVERS\srv2.sys 0x9B679000 \SystemRoot\System32\DRIVERS\srv.sys 0x9B6C7000 \SystemRoot\system32\drivers\peauth.sys 0x9B7A5000 \SystemRoot\System32\Drivers\secdrv.SYS 0x9B7AF000 
\SystemRoot\System32\drivers\tcpipreg.sys 0x9B7BB000 \SystemRoot\system32\DRIVERS\cdfs.sys 0x76FB0000 \Windows\System32\ntdll.dll Processes (total 59): 0 System Idle Process 4 System 468 C:\Windows\System32\smss.exe 584 csrss.exe 636 C:\Windows\System32\wininit.exe 648 csrss.exe 680 C:\Windows\System32\services.exe 736 C:\Windows\System32\winlogon.exe 752 C:\Windows\System32\lsass.exe 760 C:\Windows\System32\lsm.exe 904 C:\Windows\System32\svchost.exe 984 C:\Windows\System32\svchost.exe 1020 C:\Windows\System32\svchost.exe 1104 C:\Windows\System32\Ati2evxx.exe 1132 C:\Windows\System32\svchost.exe 1204 C:\Windows\System32\svchost.exe 1216 C:\Windows\System32\svchost.exe 1284 C:\Windows\System32\audiodg.exe 1308 C:\Windows\System32\svchost.exe 1328 C:\Windows\System32\SLsvc.exe 1360 C:\Windows\System32\svchost.exe 1440 C:\Windows\System32\Ati2evxx.exe 1636 C:\Windows\System32\svchost.exe 1768 C:\Program Files\AVAST Software\Avast\AvastSvc.exe 2000 C:\Windows\System32\spoolsv.exe 2024 C:\Windows\System32\svchost.exe 652 C:\Windows\System32\svchost.exe 1676 C:\Windows\System32\svchost.exe 968 C:\Windows\System32\svchost.exe 2092 C:\Windows\System32\svchost.exe 2128 C:\Windows\System32\SearchIndexer.exe 2448 C:\Windows\System32\dwm.exe 2472 C:\Windows\explorer.exe 2788 C:\Windows\System32\taskeng.exe 2956 C:\Windows\System32\taskeng.exe 3240 C:\Windows\RtHDVCpl.exe 3360 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe 3368 C:\Program Files\Common Files\Java\Java Update\jusched.exe 3388 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 3396 C:\Program Files\AVAST Software\Avast\AvastUI.exe 3484 C:\Program Files\uTorrent\uTorrent.exe 3508 C:\Users\***\Downloads\IDMan.exe 3580 C:\Program Files\MagicDisc\MagicDisc.exe 3620 C:\Program Files\trayNotify\trayNotify.exe 3688 C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe 3744 C:\Program Files\OpenOffice.org 3\program\soffice.exe 928 C:\Program Files\Mozilla Firefox\firefox.exe 1532 C:\Program 
Files\OpenOffice.org 3\program\soffice.bin 2756 C:\Windows\System32\svchost.exe 2548 C:\Program Files\Mozilla Firefox\plugin-container.exe 2424 C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe 3148 C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe 3720 C:\Users\***\Downloads\Neuer Ordner\osam.exe 2340 C:\Windows\System32\notepad.exe 1368 taskeng.exe 2436 C:\Windows\System32\SearchProtocolHost.exe 3292 C:\Windows\System32\SearchFilterHost.exe 696 C:\Users\***\Desktop\MBRCheck.exe 2704 C:\Windows\System32\conime.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`ee100000 (NTFS) \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS) \\.\E: --> \\.\PhysicalDrive0 at offset 0x0000001e`6ef00000 (NTFS) \\.\G: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS) PhysicalDrive0 Model Number: WDCWD1600BEVS-22RST0, Rev: 04.01G04 PhysicalDrive1 Model Number: SAMSUNGHD501LJ, Rev: 0-06 Size Device Name MBR Status -------------------------------------------- 149 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979 465 GB \\.\PhysicalDrive1 RE: Windows 98 MBR code detected SHA1: 48F01D7E76A0F3C038D08611E3FDC0EE4EF9FD3E Done! |
21.03.2011, 18:14 | #12 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Problem: Text missing, e.g. in Task Manager Quote:
__________________ Please always post log files in CODE tags |
21.03.2011, 18:54 | #13 |
| Problem: Text missing, e.g. in Task Manager When I disabled the data, no report appeared after the restart, or it did appear and I could not read it because a great deal of the text is missing. New OSAM log file: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 18:52:28 on 21.03.2011 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Opera Software Opera Internet Browser 11.01 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Control Panel Objects] -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL "Pando" - "Pando Networks" - C:\Program Files\Pando Networks\Media Booster\PMB.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\Windows\system32\drivers\aswFsBlk.sys "aswMonFlt" (aswMonFlt) - "AVAST Software" - C:\Windows\system32\drivers\aswMonFlt.sys "aswRdr" (aswRdr) - "AVAST Software" - C:\Windows\system32\drivers\aswRdr.sys "aswSnx" (aswSnx) - "AVAST Software" - C:\Windows\system32\drivers\aswSnx.sys "aswSP" (aswSP) - "AVAST Software" - C:\Windows\system32\drivers\aswSP.sys "avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\Windows\system32\drivers\aswTdi.sys "catchme" (catchme) - ? - C:\Users\***\AppData\Local\Temp\catchme.sys (File not found) "Driver for MagicISO SCSI Host Controller" (mcdbus) - "MagicISO, Inc." - C:\Windows\System32\DRIVERS\mcdbus.sys "EagleNT" (EagleNT) - ? - C:\Windows\system32\drivers\EagleNT.sys (File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? 
- C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "NPPTNT2" (NPPTNT2) - "INCA Internet Co., Ltd." - C:\Windows\system32\npptNT2.sys [Explorer] -----( HKCU\Software\Classes\Folder\shellex\ColumnHandlers )----- {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll {88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? 
- (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\ashShell.dll {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {913B3F0F-AB72-4223-82AD-D0F6531E06D2} "CTFtoolDrop.clsDropHandler" - "patpat" - C:\Windows\system32\CTFtoolDrop.dll {32CC64CC-ABCD-1234-A268-E22E334933D7} "CTFtool_Menu" - "patpat" - C:\Windows\system32\CTFtoolMenu.dll {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft 
Office\Office12\GrooveShellExtensions.dll {6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {8A56567E-A333-4843-B6E1-C3A262E41D8C} "HashPage Class" - "Beeblebrox.org" - C:\Program Files\HashTab Shell Extension\HashTab32.dll {B1883831-F0D8-4453-8245-EEAAD866DD6E} "HashTab Context Menu" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL {00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? 
- (File not found | COM-object registry key not found) {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - (File not found | COM-object registry key not found) {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - (File not found | COM-object registry key not found) {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - (File not found | COM-object registry key not found) {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? - (File not found | COM-object registry key not found) {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." 
- C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? - (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll {FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- <binary data> "avast! WebRep" - ? - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} "avast! WebRep" - ? - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll {72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll {0055C089-8582-441B-A0BF-17B458C2A3A8} "IDMIEHlprObj Class" - "Tonec Inc." - C:\Users\***\Downloads\IDMIECC.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? 
- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "MagicDisc.lnk" - "MagicISO, Inc." - C:\Program Files\MagicDisc\MagicDisc.exe (Shortcut exists | File exists) "OpenOffice.org 3.2.lnk" - ? - C:\Program Files\OpenOffice.org 3\program\quickstart.exe (Shortcut exists | File found, but it contains no detailed information | File exists) "trayNotify.lnk" - "Dako-kun" - C:\Program Files\trayNotify\trayNotify.exe (Shortcut exists | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "IDMan" - "Tonec Inc." - C:\Users\***\Downloads\IDMan.exe /onboot "uTorrent" - "BitTorrent, Inc." - "C:\Program Files\uTorrent\uTorrent.exe" -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" "ATICCC" - ? - "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" (File found, but it contains no detailed information) "avast" - "AVAST Software" - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui "GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "SunJavaUpdateSched" - "Sun Microsystems, Inc." 
- "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "avast! Antivirus" (avast! Antivirus) - "AVAST Software" - C:\Program Files\AVAST Software\Avast\AvastSvc.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE "Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe "nProtect GameGuard Service" (npggsvc) - "INCA Internet Co., Ltd." - C:\Windows\system32\GameMon.des "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru |
21.03.2011, 19:14 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Problem: Text missing, e.g. in Task Manager Is the text still missing? Can you create a new user profile via the Control Panel and check whether everything is still intact there?
__________________ Please always post log files in CODE tags |
21.03.2011, 19:23 | #15 |
| Problem: Text missing, e.g. in Task Manager Yes, unfortunately the text is still missing, in other user profiles as well. So the problem persists. |