Pests of all kinds and how to combat them: General questions... Windows 7 |
04.04.2011, 13:53 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | General questions... DISABLE the virus scanner, copy the _OTL folder to the desktop and zip it there.
__________________ Please always post log files in CODE tags |
04.04.2011, 14:02 | #17 |
| General questions... Process completed successfully.
__________________ |
04.04.2011, 14:47 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | General questions... Then please run CF now:
__________________ ComboFix: A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has explicitly recommended it!
__________________ |
04.04.2011, 18:20 | #19 |
| General questions... Unfortunately it doesn't work >.< The window that opens can only be closed by ending confi.exe via Processes. Otherwise it keeps coming back again and again. |
04.04.2011, 20:09 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | General questions... Right-click -> run as admin!
__________________ Please always post log files in CODE tags |
04.04.2011, 20:27 | #21 |
| General questions... Unfortunately the same thing happens |
04.04.2011, 20:33 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | General questions... Then first run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html
__________________ Please always post log files in CODE tags |
04.04.2011, 20:52 | #23 |
| General questions...
2011/04/04 21:50:24.0855 1732 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/04 21:50:25.0229 1732 ================================================================================
2011/04/04 21:50:25.0229 1732 SystemInfo:
2011/04/04 21:50:25.0229 1732
2011/04/04 21:50:25.0229 1732 OS Version: 6.1.7600 ServicePack: 0.0
2011/04/04 21:50:25.0229 1732 Product type: Workstation
2011/04/04 21:50:25.0229 1732 ComputerName: HORST
2011/04/04 21:50:25.0229 1732 UserName: Gpa
2011/04/04 21:50:25.0229 1732 Windows directory: C:\Windows
2011/04/04 21:50:25.0229 1732 System windows directory: C:\Windows
2011/04/04 21:50:25.0229 1732 Processor architecture: Intel x86
2011/04/04 21:50:25.0229 1732 Number of processors: 2
2011/04/04 21:50:25.0229 1732 Page size: 0x1000
2011/04/04 21:50:25.0229 1732 Boot type: Normal boot
2011/04/04 21:50:25.0229 1732 ================================================================================
2011/04/04 21:50:26.0150 1732 Initialize success
2011/04/04 21:50:35.0400 3456 ================================================================================
2011/04/04 21:50:35.0400 3456 Scan started
2011/04/04 21:50:35.0400 3456 Mode: Manual;
2011/04/04 21:50:35.0400 3456 ================================================================================
2011/04/04 21:50:46.0617 3456 ================================================================================
2011/04/04 21:50:46.0617 3456 Scan finished
2011/04/04 21:50:46.0617 3456 ================================================================================ |
04.04.2011, 20:55 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | General questions... OK. Now please create logs with GMER and OSAM and post them. GMER crashes fairly often; if the tool still won't work on the second attempt, just leave it out and run only OSAM - please skip the online query by OSAM. With OSAM, please also make sure that you save the log as *.log and not *.html or similar. After that, please download MBRCheck (by a_d_13) and save the file to the desktop.
__________________ Please always post log files in CODE tags |
04.04.2011, 21:39 | #25 |
| General questions... GMER log file: Code:
GMER 1.0.15.15570 - GMER - Rootkit Detector and Remover
Rootkit scan 2011-04-04 22:25:31
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 WDC_WD800JD-75MSA3 rev.10.01E04
Running: qy9usbfk.exe; Driver: C:\Users\Gpa\AppData\Local\Temp\fxldipoc.sys

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13BD 82851589 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82876092 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\system32\rundll32.exe[1488] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75175E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[1488] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75175E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[1488] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75175E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\system32\rundll32.exe[1488] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75175E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \Driver\ACPI_HAL \Device\00000043 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

OSAM log file: Code:
Report of OSAM: Autorun Manager v5.0.11926.0
Online Solutions. Complex Protection for Information Systems
Saved at 22:35:11 on 04.04.2011

OS: Windows 7 Ultimate Edition (Build 7600), 32-bit
Default Browser: Google Inc. Google Chrome 0.0.0.0

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"fxldipoc" (fxldipoc) - ? - C:\Users\Gpa\AppData\Local\Temp\fxldipoc.sys (Hidden registry entry, rootkit activity | File not found)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"truecrypt" (truecrypt) - "TrueCrypt Foundation" - C:\Windows\System32\drivers\truecrypt.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ?
- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll {83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? 
- C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )----- {E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - ? 
- (File not found | COM-object registry key not found) [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )----- {855F3B16-6D32-4fe6-8A56-BBB695989046} "{855F3B16-6D32-4fe6-8A56-BBB695989046}" - ? - (File not found | COM-object registry key not found) {B922D405-6D13-4A2B-AE89-08A030DA4402} "{B922D405-6D13-4A2B-AE89-08A030DA4402}" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab {D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash10o.ocx / hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )----- {855F3B16-6D32-4FE6-8A56-BBB695989046} "{855F3B16-6D32-4FE6-8A56-BBB695989046}" - ? 
- (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "ICQ7.4" - "ICQ, LLC." - C:\Program Files\ICQ7.4\ICQ.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {593DDEC6-7468-4cdd-90E1-42DADAA222E9} "DivX HiQ" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll {326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Gpa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "OpenOffice.org 3.3.lnk" - ? - C:\Program Files\OpenOffice.org 3\program\quickstart.exe (Shortcut exists | File found, but it contains no detailed information | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "short.zip" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\short.zip -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Google Update" - "Google Inc." - "C:\Users\Gpa\AppData\Local\Google\Update\GoogleUpdate.exe" /c "ICQ" - "ICQ, LLC." 
- "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4 -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" "avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min "DivXUpdate" - ? - "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "iTunesHelper" - "Apple Inc." - "C:\Program Files\iTunes\iTunesHelper.exe" "Malwarebytes' Anti-Malware (reboot)" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript "QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll (File found, but it contains no detailed information) [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "Application Updater" (Application Updater) - "Spigot, Inc." - C:\Program Files\Application Updater\ApplicationUpdater.exe "Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe "Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe "ICQ Service" (ICQ Service) - ? - C:\Program Files\ICQ6Toolbar\ICQ Service.exe "iPod-Dienst" (iPod Service) - "Apple Inc." 
- C:\Program Files\iPod\bin\iPodService.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "TeamViewer 6" (TeamViewer6) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files\Bonjour\mdnsNSP.dll "WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL "WindowsLive NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit Online Solutions :: Index MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Windows Version: Windows 7 Ultimate Edition Windows Information: (build 7600), 32-bit Base Board Manufacturer: Dell Inc. BIOS Manufacturer: Dell Inc. System Manufacturer: Dell Inc. 
System Product Name: OptiPlex 760 Logical Drives Mask: 0x0000001c Kernel Drivers (total 188): Processes (total 65): \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`075a9e00 (NTFS) \\.\E: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS) PhysicalDrive0 Model Number: WDCWD800JD-75MSA3, Rev: 10.01E04 PhysicalDrive1 Model Number: SeagateBackup, Rev: 0130 Size Device Name MBR Status -------------------------------------------- 74 GB \\.\PhysicalDrive0 Windows 7 MBR code detected SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79 232 GB \\.\PhysicalDrive1 RE: Unknown MBR code SHA1: A16EF68870D2ED162DDA2E379D2960A80789C94E Found non-standard or infected MBR. Enter 'Y' and hit ENTER for more options, or 'N' to exit: Done! Edit: I just restarted the computer and now a folder opens instead of the error window. Last edited by gpa123 (04.04.2011 at 21:46) |
04.04.2011, 21:45 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | General questions... Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ Please always post logfiles in CODE tags |
05.04.2011, 12:37 | #27 |
| General questions... SUPERAntiSpyware Scan Log SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware! Generated 04/05/2011 at 12:29 PM Application Version : 4.50.1002 Core Rules Database Version : 6753 Trace Rules Database Version: 4565 Scan type : Complete Scan Total Scan Time : 12:06:54 Memory items scanned : 807 Memory threats detected : 0 Registry items scanned : 8500 Registry threats detected : 0 File items scanned : 221058 File threats detected : 5 Adware.Tracking Cookie C:\Users\Gpa\AppData\Roaming\Microsoft\Windows\Cookies\gpa@doubleclick[2].txt media.mtvnservices.com [ C:\Windows.old\Users\Andreas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5SDNKY65 ] secure-us.imrworldwide.com [ C:\Windows.old\Users\Andreas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5SDNKY65 ] oddcast.com [ C:\Windows.old\Users\Gpa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\N46KNF2S ] Trojan.Agent/Gen-FakeSecurity C:\USERS\GPA\DESKTOP\_OTL\MOVEDFILES\04042011_135002\C_WINDOWS\KMYMIA.EXE Malwarebytes' Anti-Malware 1.50.1.1100 Malwarebytes Datenbank Version: 6269 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 05.04.2011 00:06:49 mbam-log-2011-04-05 (00-06-49).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|) Durchsuchte Objekte: 374194 Laufzeit: 1 Stunde(n), 16 Minute(n), 18 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 3 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\SOFTWARE\IKXGVMFZHI (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Q8PS7ZCLN6 (Trojan.FakeAlert) -> Quarantined and deleted successfully. 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
05.04.2011, 13:40 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | General questions... Only isolated remnants and harmless cookies. Any remaining problems?
__________________ Please always post logfiles in CODE tags |
05.04.2011, 13:43 | #29 |
| General questions... Nothing, apart from a folder with no contents opening at startup. Thank you very much! |
05.04.2011, 14:37 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | General questions... Which folder is that? Exact path? Something like C:\Ziel\zum\Ordner??
__________________ Please always post logfiles in CODE tags |