Laptop extrem langsam - Malware oder einfach altersschwäche?
Schönen guten Abend,
ich versuche seit ein paar tagen den laptop meiner Freundin wieder flott zu bekommen, jedoch verzweifle ich ein wenig.
Er ist wirklich extrem langsam und eigentlich unbrauchbar um daran zu arbeiten. Früher war er jedoch um welten schneller und ich frage mich ob es sich um malware handelt oder ob der Laptop einfach durch sein Alter langsam den Geist aufgibt (z.b. extremer Staub in der Hardware oder so).
Ich hab die Tage jetzt alle unwichtigen Programme deinstalliert, Java aktualisiert,das neueste Windowsupdate installiert und auch Avira Antivir aktualisiert.
Ich habe heute alle Schritte befolgt bevor hier ein neues Thema eröffnet werden soll und poste die Ergebnisse hier einfach mal.
Ich würde mich sehr freuen, wenn sich jemand bereit erklärt, mich bei der Suche nach eventuellen Gründen bzw. Malware anzuleiten. Defogger Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:21 on 29/03/2012 (tessi)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
dds Code:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by tessi at 18:25:06 on 2012-03-29
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.49.1031.18.1015.264 [GMT 2:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Windows\System32\wsqmcons.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.myspace.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=smb&pf=laptop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=smb&pf=laptop
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Avira SearchFree Toolbar plus WebGuard: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Avira SearchFree Toolbar plus WebGuard: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
mRun: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [<NO NAME>]
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &AOL Toolbar-Suche - c:\program files\aol\aol toolbar 5.0\resources\de-de\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: c:\program files\avira\antivir desktop\avsda.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E9B39AC7-B9FB-48CA-84A0-1659A05F0003} - hxxp://www.wohnmoebel.de/csschmal/install/KPSA-Home%20CSSchmal.cab
TCP: DhcpNameServer = 62.109.123.7 213.191.92.86 192.168.0.1
TCP: Interfaces\{3A3CF2DF-E54A-4786-923E-725AE9ABEAEB} : DhcpNameServer = 62.109.123.7 213.191.92.86 192.168.0.1
TCP: Interfaces\{A6A7A00E-4C78-4122-8B05-290D13C9245A} : DhcpNameServer = 192.168.178.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\tessi\appdata\roaming\mozilla\firefox\profiles\dhkkuuea.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.panorama.de/
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\avira\antivir desktop\sched.exe [2011-5-10 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-5-10 269480]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\avira\antivir desktop\avwebgrd.exe [2011-7-1 428200]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-5-10 66616]
R2 FontCache;Windows-Dienst für Schriftartencache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-11-19 21504]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-3-17 135664]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2012-3-10 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2006-11-2 167936]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-3-17 135664]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2012-3-10 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2012-3-10 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2012-3-10 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [2012-3-10 114280]
.
=============== Created Last 30 ================
.
2012-03-29 14:41:14 6582328 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{34b42d4a-9d9e-4b0d-ac9a-92c1cbb3fccc}\mpengine.dll
2012-03-15 22:35:48 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-03-15 22:35:45 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-15 22:35:45 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-03-15 22:35:45 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-03-15 22:35:44 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-03-15 22:35:44 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-03-15 22:35:43 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-03-15 22:35:26 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-03-15 22:35:26 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-09 23:01:00 -------- d-----w- c:\users\tessi\appdata\local\Samsung
2012-03-09 22:59:51 -------- d-----w- c:\users\tessi\appdata\roaming\Samsung
2012-03-09 22:56:39 30312 ----a-w- c:\windows\system32\drivers\ssadadb.sys
2012-03-09 22:56:39 1416680 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
2012-03-09 22:56:39 1416680 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01005.dll
2012-03-09 22:56:39 136808 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2012-03-09 22:56:39 12776 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2012-03-09 22:56:39 121064 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2012-03-09 22:56:39 10472 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2012-03-09 22:56:39 10472 ----a-w- c:\windows\system32\drivers\ssadcm.sys
2012-03-09 22:56:39 10344 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2012-03-09 22:56:39 10344 ----a-w- c:\windows\system32\drivers\ssadwh.sys
2012-03-09 22:56:38 114280 ----a-w- c:\windows\system32\drivers\ssadserd.sys
2012-03-09 22:53:30 4659712 ----a-w- c:\windows\system32\Redemption.dll
2012-03-09 22:52:48 821824 ----a-w- c:\windows\system32\dgderapi.dll
2012-03-09 22:52:48 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2012-03-09 22:52:48 -------- d-----w- c:\program files\MarkAny
2012-03-09 22:49:43 -------- d-----w- c:\programdata\Samsung
2012-03-09 22:49:43 -------- d-----w- c:\program files\Samsung
.
==================== Find3M ====================
.
2012-03-29 16:07:31 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-23 21:23:38 4448256 ----a-w- c:\windows\system32\GPhotos.scr
2012-02-23 07:18:36 237072 ------w- c:\windows\system32\MpSigStub.exe
1999-03-11 15:22:04 99840 ----a-w- c:\program files\common files\IRAABOUT.DLL
1998-12-09 00:53:54 70144 ----a-w- c:\program files\common files\IRAMDMTR.DLL
1998-12-09 00:53:54 48640 ----a-w- c:\program files\common files\IRALPTTR.DLL
1998-12-09 00:53:54 31744 ----a-w- c:\program files\common files\IRAWEBTR.DLL
1998-12-09 00:53:54 186368 ----a-w- c:\program files\common files\IRAREG.DLL
1998-12-09 00:53:54 17920 ----a-w- c:\program files\common files\IRASRIAL.DLL
.
============= FINISH: 18:26:50,29 ===============
Attach Code:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume1
Install Date: 22.06.2008 14:20:59
System Uptime: 29.03.2012 17:55:55 (1 hours ago)
.
Motherboard: Hewlett-Packard | | 30D5
Processor: Intel(R) Core(TM) Duo CPU T2600 @ 2.16GHz | U10 | 2167/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 103 GiB total, 42,765 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 2 GiB total, 1,317 GiB free.
F: is FIXED (NTFS) - 8 GiB total, 0,754 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
.
Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system
AC3Filter (remove only)
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.3.1 - Deutsch
Apple Mobile Device Support
Application Installer 4.00.B13
Ashampoo Burning Studio Elements 10.0.9
Ask Toolbar
Avira AntiVir Personal - Free Antivirus
Bonjour
Broadcom 802.11 Wireless LAN Adapter
Business Contact Manager für Outlook 2007 SP2
Canon MP550 series MP Drivers
CCleaner
Conexant HD Audio
DivX-Setup
ESU for Microsoft Vista
Google Update Helper
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Active Support Library 32 bit components
HP Customer Experience Enhancements
HP Doc Viewer
HP Easy Setup - Frontend
HP Help and Support
HP Notebook Accessories Product Tour
HP Quick Launch Buttons 6.40 B2
HP Update
HP User Guides 0077
HP Wireless Assistant
HPAsset component for HP Active Support Library
HPNetworkAssistant
ICQ7.5
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
InterVideo DVD Check
InterVideo Register Manager
InterVideo WinDVD
Java Auto Updater
Java(TM) 6 Update 31
KPSA-Home
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 German Language Pack
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft Office 2000 Premium
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007
Microsoft Office Excel MUI (German) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (German) 2007
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 9.0.1 (x86 de)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Opera 11.61
Picasa 3
QuickTime
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator Tools
Roxio Express Labeler 3
Roxio MyDVD Basic v9
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Skype™ 5.6
Sonic Activation Module
ST Wiederherstellungs- & Sicherungsprogramme
Synaptics Pointing Device Driver
TubeBox!
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
VC80CRTRedist - 8.0.50727.4053
Vista Default Settings
VLC media player 1.1.11
.
==== End Of File ===========================
Gmer Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-03-29 19:19:53
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 WDC_WD1200BEVS-60UST0 rev.01.01A01
Running: gnr7l0w3.exe; Driver: C:\Users\tessi\AppData\Local\Temp\pwtdakod.sys
---- System - GMER 1.0.15 ----
SSDT 8BF973B6 ZwCreateSection
SSDT 8BF973BB ZwSetContextThread
SSDT 8BF97357 ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetEvent + 215 820ED998 4 Bytes [B6, 73, F9, 8B]
.text ntkrnlpa.exe!KeSetEvent + 56D 820EDCF0 4 Bytes [BB, 73, F9, 8B]
.text ntkrnlpa.exe!KeSetEvent + 621 820EDDA4 4 Bytes [57, 73, F9, 8B]
? C:\Users\tessi\AppData\Local\Temp\mbr.sys Das System kann die angegebene Datei nicht finden. !
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3192] ntdll.dll!DbgUiRemoteBreakin 77ACCD44 1 Byte [C3]
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0016411f4ab6
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0016411f4ab6 (not active ControlSet)
---- EOF - GMER 1.0.15 ----
| 
