Trojaner-Board


Lelouch 19.03.2011 13:40

Problem: text missing, e.g. in Task Manager
 
Hello,
my problem is that the text, and the Task Manager in general, has changed a bit. You can see the details in the screenshot I uploaded as an attachment. So far I have googled my problem and found some possible causes, which I have already eliminated, such as uninstalling Avira, but unfortunately that did not help either. :(
After searching further I came across this forum and am asking for your help with my problem. Also, I am about 75% sure that I have caught a trojan, because I use FileZilla and there was apparently a trojan on an FTP server, which got onto it via another user of the server.

The log file of the OTL scan is also attached.
Thanks in advance for your help, and I hope you can help me. :)

cosinus 19.03.2011 14:02

Quote:

So far I have googled my problem and found some possible causes, which I have already eliminated
Too vague. Which problems were these in detail, and what exactly was fixed, and how?

Quote:

Also, I am about 75% sure that I have caught a trojan, because I use FileZilla and there was apparently a trojan on an FTP server, which got onto it via another user of the server.
What exactly are you using? Filezilla Client or Server?
What kind of program did you download via Filezilla, from where, and what was it for?

Are there any other logs? From Malwarebytes? If so, please post all of them that are visible in Malwarebytes on the Logs tab.

Lelouch 19.03.2011 19:46

Quote:

Too vague. Which problems were these in detail, and what exactly was fixed, and how?
Some people said that Avira was a cause of my problem, so I uninstalled it. I have also already run avast! Antivirus.

Quote:

What exactly are you using? Filezilla Client or Server?
What kind of program did you download via Filezilla, from where, and what was it for?
Well, I use Filezilla Client and downloaded it from Chip.de. I use Filezilla so that we can distribute our work over the internet more easily, or receive it more easily.

Quote:

Are there any other logs? From Malwarebytes? If so, please post all of them that are visible in Malwarebytes on the Logs tab.
Code:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6100

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019

19.03.2011 19:46:01
mbam-log-2011-03-19 (19-46-01).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 140571
Laufzeit: 7 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


cosinus 20.03.2011 12:07

Quote:

I have also already run avast! Antivirus.
And did it find anything? If so, where?

Quote:

Well, I use Filezilla Client and downloaded it from Chip.de. I use Filezilla so that we can distribute our work over the internet more easily, or receive it more easily.
I know what Filezilla is :D
The way I understood it, you downloaded a dubious file from a server with Filezilla! Was that not the case, or was it?

Quote:

because I use FileZilla and there was apparently a trojan on an FTP server
That's what it sounds like, anyway. Which file, with which name, did you download? Did you run it?

Quote:

Art des Suchlaufs: Quick-Scan
Please run a full scan with Malwarebytes as a matter of routine and post the log.
Remember that Malwarebytes must be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!

Lelouch 20.03.2011 18:58

Quote:

And did it find anything? If so, where?
No, it did not find anything, and that surprised me quite a lot.

Quote:

The way I understood it, you downloaded a dubious file from a server with Filezilla! Was that not the case, or was it?
Well, definitely not dubious files. :D They are just files from other acquaintances and classmates, but one of them apparently had a trojan, which he uploaded to the FTP server along with a file (I don't know which one right now), and that is how it got into circulation.

Quote:

Which file, with which name, did you download? Did you run it?
As I said, I don't know which file the trojan or virus could have used to get onto my PC. All I can say is that the server only holds scripts such as .ass or .doc files, and videos.

Full scan Malwarebytes:
Code:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6110

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019

20.03.2011 15:53:43
mbam-log-2011-03-20 (15-53-42).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|G:\|)
Durchsuchte Objekte: 277472
Laufzeit: 1 Stunde(n), 47 Minute(n), 58 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


cosinus 20.03.2011 19:52

Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Lelouch 20.03.2011 20:29

Code:

2011/03/20 20:24:01.0595 4428        TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/20 20:24:02.0718 4428        ================================================================================
2011/03/20 20:24:02.0718 4428        SystemInfo:
2011/03/20 20:24:02.0718 4428       
2011/03/20 20:24:02.0718 4428        OS Version: 6.0.6002 ServicePack: 2.0
2011/03/20 20:24:02.0718 4428        Product type: Workstation
2011/03/20 20:24:02.0718 4428        ComputerName: ***
2011/03/20 20:24:02.0719 4428        UserName: ***
2011/03/20 20:24:02.0719 4428        Windows directory: C:\Windows
2011/03/20 20:24:02.0719 4428        System windows directory: C:\Windows
2011/03/20 20:24:02.0719 4428        Processor architecture: Intel x86
2011/03/20 20:24:02.0719 4428        Number of processors: 2
2011/03/20 20:24:02.0719 4428        Page size: 0x1000
2011/03/20 20:24:02.0719 4428        Boot type: Normal boot
2011/03/20 20:24:02.0719 4428        ================================================================================
2011/03/20 20:24:05.0623 4428        Initialize success
2011/03/20 20:24:40.0269 5056        ================================================================================
2011/03/20 20:24:40.0269 5056        Scan started
2011/03/20 20:24:40.0269 5056        Mode: Manual;
2011/03/20 20:24:40.0269 5056        ================================================================================
2011/03/20 20:27:00.0269 5056        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/03/20 20:27:00.0830 5056        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/03/20 20:27:01.0140 5056        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/03/20 20:27:01.0719 5056        usbohci        (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/03/20 20:27:02.0343 5056        usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2011/03/20 20:27:02.0701 5056        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/03/20 20:27:03.0107 5056        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/03/20 20:27:03.0914 5056        vga            (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/03/20 20:27:04.0308 5056        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/03/20 20:27:04.0722 5056        viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/03/20 20:27:05.0097 5056        ViaC7          (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/03/20 20:27:05.0823 5056        viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/03/20 20:27:06.0373 5056        viamraid        (9f3f276c7300ed211129757a411b605f) C:\Windows\system32\drivers\viamraid.sys
2011/03/20 20:27:06.0758 5056        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/03/20 20:27:07.0341 5056        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/03/20 20:27:07.0678 5056        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/03/20 20:27:08.0068 5056        vsmraid        (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/03/20 20:27:08.0800 5056        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/03/20 20:27:09.0131 5056        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/20 20:27:09.0481 5056        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/20 20:27:10.0303 5056        Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/03/20 20:27:10.0643 5056        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/03/20 20:27:13.0287 5056        WmiAcpi        (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/03/20 20:27:14.0844 5056        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/03/20 20:27:15.0986 5056        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/03/20 20:27:19.0528 5056        ================================================================================
2011/03/20 20:27:19.0528 5056        Scan finished
2011/03/20 20:27:19.0528 5056        ================================================================================


cosinus 21.03.2011 10:12

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix from here to your desktop. While downloading, rename it to cofi.exe.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered), and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper has explicitly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

Lelouch 21.03.2011 15:04

Code:

ComboFix 11-03-19.06 - *** 21.03.2011  14:32:55.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.49.1031.18.2045.1209 [GMT 1:00]
ausgeführt von:: c:\users\***\Desktop\cofi.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-02-21 bis 2011-03-21  ))))))))))))))))))))))))))))))
.
.
2011-03-21 13:41 . 2011-03-21 13:41        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-03-21 13:12 . 2011-03-21 13:12        --------        d-----w-        c:\program files\CCleaner
2011-03-19 20:09 . 2011-03-19 20:09        --------        d-----w-        C:\PSP Theme Toolbox
2011-03-19 10:34 . 2011-03-19 10:34        --------        d-----w-        c:\program files\ESET
2011-03-18 20:50 . 2011-03-18 20:50        --------        d-----w-        c:\users\***\AppData\Roaming\Malwarebytes
2011-03-18 20:50 . 2010-12-20 17:09        38224        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-18 20:50 . 2011-03-18 20:50        --------        d-----w-        c:\programdata\Malwarebytes
2011-03-18 20:50 . 2010-12-20 17:08        20952        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-03-18 20:50 . 2011-03-18 20:50        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2011-03-18 17:34 . 2011-02-11 06:54        5943120        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{393ADE37-6769-4BF6-896C-BBD7949FDB3E}\mpengine.dll
2011-03-17 19:53 . 2011-03-17 19:53        --------        d-----w-        c:\program files\Microsoft Silverlight
2011-03-17 17:46 . 2011-02-23 14:54        19544        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys
2011-03-17 17:46 . 2011-02-23 14:56        301528        ----a-w-        c:\windows\system32\drivers\aswSP.sys
2011-03-17 17:46 . 2011-02-23 14:55        49240        ----a-w-        c:\windows\system32\drivers\aswTdi.sys
2011-03-17 17:46 . 2011-02-23 14:55        25432        ----a-w-        c:\windows\system32\drivers\aswRdr.sys
2011-03-17 17:46 . 2011-02-23 14:56        371544        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2011-03-17 17:46 . 2011-02-23 14:55        53592        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2011-03-17 17:45 . 2011-02-23 15:04        40648        ----a-w-        c:\windows\avastSS.scr
2011-03-17 17:45 . 2011-02-23 15:04        190016        ----a-w-        c:\windows\system32\aswBoot.exe
2011-03-17 17:45 . 2011-03-17 17:45        --------        d-----w-        c:\programdata\AVAST Software
2011-03-17 17:45 . 2011-03-17 17:45        --------        d-----w-        c:\program files\AVAST Software
2011-03-17 16:02 . 2011-03-18 18:30        --------        d-----w-        c:\program files\SmartFTP Client 4.0 Setup Files
2011-03-12 00:13 . 2010-07-30 19:21        32768        ----a-w-        c:\windows\system32\CTFtoolDrop.dll
2011-03-12 00:13 . 2010-12-09 20:57        40960        ----a-w-        c:\windows\system32\CTFtoolMenu.dll
2011-03-10 16:10 . 2006-11-05 04:58        61440        ----a-w-        C:\vinverse.dll
2011-03-09 14:42 . 2010-12-29 18:28        429056        ----a-w-        c:\windows\system32\EncDec.dll
2011-03-09 14:42 . 2010-12-29 18:28        322560        ----a-w-        c:\windows\system32\sbe.dll
2011-03-09 14:42 . 2010-12-29 18:28        153088        ----a-w-        c:\windows\system32\sbeio.dll
2011-03-09 14:42 . 2010-12-29 18:26        177664        ----a-w-        c:\windows\system32\mpg2splt.ax
2011-03-09 14:42 . 2010-12-17 15:45        2067968        ----a-w-        c:\windows\system32\mstscax.dll
2011-03-09 14:42 . 2010-12-17 13:54        677888        ----a-w-        c:\windows\system32\mstsc.exe
2011-03-08 20:05 . 2011-03-08 20:05        --------        d-----w-        c:\program files\SopCast
2011-03-07 20:37 . 2011-03-07 20:37        --------        d-----w-        c:\users\***\AppData\Roaming\FFSJ
2011-03-02 22:54 . 2011-03-02 22:54        --------        d-----w-        c:\users\Default\AppData\Local\Microsoft Help
2011-03-02 18:36 . 2006-10-26 18:56        33104        ----a-w-        c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2011-03-02 18:36 . 2008-11-10 10:41        32656        ----a-w-        c:\windows\system32\msonpmon.dll
2011-03-02 18:33 . 2011-03-02 18:42        --------        d-----w-        c:\program files\Microsoft Works
2011-03-02 18:29 . 2011-03-02 18:29        --------        d-----w-        c:\windows\PCHEALTH
2011-03-02 18:26 . 2011-03-02 18:26        --------        d-----w-        c:\program files\Microsoft Visual Studio 8
2011-03-02 18:25 . 2011-03-02 18:25        --------        d-----w-        c:\users\***\AppData\Local\Microsoft Help
2011-03-02 18:24 . 2011-03-10 02:04        --------        d-----w-        c:\programdata\Microsoft Help
2011-03-02 18:15 . 2011-03-02 18:15        --------        d-----r-        C:\MSOCache
2011-02-28 17:51 . 2011-02-28 17:51        --------        d-----w-        c:\program files\Common Files\Java
2011-02-24 00:37 . 2009-10-09 21:56        2048        ----a-w-        c:\windows\system32\winrsmgr.dll
2011-02-20 15:53 . 2011-02-02 20:40        472808        ----a-w-        c:\windows\system32\deployJava1.dll
2011-02-20 15:53 . 2011-02-28 17:51        --------        d-----w-        c:\program files\Java
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2010-12-08 15:04        222080        ------w-        c:\windows\system32\MpSigStub.exe
2011-01-20 16:37 . 2011-02-09 14:28        638336        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:08 . 2011-02-09 14:28        478720        ----a-w-        c:\windows\system32\dxgi.dll
2011-01-20 16:08 . 2011-02-09 14:28        219648        ----a-w-        c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-09 14:28        160768        ----a-w-        c:\windows\system32\d3d10_1.dll
2011-01-20 16:08 . 2011-02-09 14:28        1029120        ----a-w-        c:\windows\system32\d3d10.dll
2011-01-20 16:08 . 2011-02-09 14:28        189952        ----a-w-        c:\windows\system32\d3d10core.dll
2011-01-20 16:07 . 2011-02-09 14:28        37376        ----a-w-        c:\windows\system32\cdd.dll
2011-01-20 16:07 . 2011-02-09 14:28        258048        ----a-w-        c:\windows\system32\winspool.drv
2011-01-20 16:07 . 2011-02-09 14:28        586240        ----a-w-        c:\windows\system32\stobject.dll
2011-01-20 16:06 . 2011-02-09 14:28        2873344        ----a-w-        c:\windows\system32\mf.dll
2011-01-20 16:06 . 2011-02-09 14:28        26112        ----a-w-        c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04 . 2011-02-09 14:28        209920        ----a-w-        c:\windows\system32\mfplat.dll
2011-01-20 16:04 . 2011-02-09 14:28        98816        ----a-w-        c:\windows\system32\mfps.dll
2011-01-20 14:28 . 2011-02-09 14:28        1554432        ----a-w-        c:\windows\system32\xpsservices.dll
2011-01-20 14:27 . 2011-02-09 14:28        876032        ----a-w-        c:\windows\system32\XpsPrint.dll
2011-01-20 14:26 . 2011-02-09 14:28        667648        ----a-w-        c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25 . 2011-02-09 14:28        847360        ----a-w-        c:\windows\system32\OpcServices.dll
2011-01-20 14:24 . 2011-02-09 14:28        288768        ----a-w-        c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24 . 2011-02-09 14:28        135680        ----a-w-        c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-09 14:28        979456        ----a-w-        c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-09 14:28        357376        ----a-w-        c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-09 14:28        302592        ----a-w-        c:\windows\system32\mfmp4src.dll
2011-01-20 14:14 . 2011-02-09 14:28        261632        ----a-w-        c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-09 14:28        1172480        ----a-w-        c:\windows\system32\d3d10warp.dll
2011-01-20 14:11 . 2011-02-09 14:28        486400        ----a-w-        c:\windows\system32\d3d10level9.dll
2011-01-20 13:47 . 2011-02-09 14:28        683008        ----a-w-        c:\windows\system32\d2d1.dll
2011-01-20 13:44 . 2011-02-09 14:28        1068544        ----a-w-        c:\windows\system32\DWrite.dll
2011-01-20 13:44 . 2011-02-09 14:28        797184        ----a-w-        c:\windows\system32\FntCache.dll
2011-01-08 08:47 . 2011-02-09 14:28        34304        ----a-w-        c:\windows\system32\atmlib.dll
2011-01-08 06:28 . 2011-02-09 14:28        292352        ----a-w-        c:\windows\system32\atmfd.dll
2010-12-31 13:57 . 2011-02-09 14:28        2039808        ----a-w-        c:\windows\system32\win32k.sys
2010-12-28 15:55 . 2011-01-12 14:27        413696        ----a-w-        c:\windows\system32\odbc32.dll
2010-12-22 21:57 . 2010-12-22 21:57        630784        ----a-w-        C:\mvtools2.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04        122512        ----a-w-        c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-12-09 395128]
"IDMan"="c:\users\***\Downloads\IDMan.exe" [2010-11-07 3257696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-01 3772416]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-07-11 90112]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-10 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2011-1-30 576000]
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
trayNotify.lnk - c:\program files\trayNotify\trayNotify.exe [2010-12-8 7091712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-06-17 3890920]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 XDva370;XDva370;c:\windows\system32\XDva370.sys [x]
R3 XDva375;XDva375;c:\windows\system32\XDva375.sys [x]
R3 XDva380;XDva380;c:\windows\system32\XDva380.sys [x]
R3 XDva383;XDva383;c:\windows\system32\XDva383.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592]
S3 NETwLv32;    Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows Vista 32-Bit;c:\windows\system32\DRIVERS\NETwLv32.sys [2010-10-07 6639616]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs        REG_MULTI_SZ          BthServ
LocalServiceAndNoImpersonation        REG_MULTI_SZ          FontCache
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://start.icq.com/
IE: Download aller Links mit IDM - c:\users\***\Downloads\IEGetAll.htm
IE: Download FLV-Videoinhalt mit IDM - c:\users\***\Downloads\IEGetVL.htm
IE: Download mit IDM - c:\users\***\Downloads\IEExt.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\vkr1bu5o.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - c:\users\***\AppData\Roaming\IDM\idmmzcc3
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-03-21 14:42
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3879987039-2819738337-1481357284-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):5e,8f,0f,cc,0d,ab,12,21,bf,d7,38,fb,35,5a,84,36,12,92,6a,d0,2c,
  9b,ef,3f,dc,e4,0d,a1,fb,9b,2f,fd,c0,20,81,e0,72,d6,58,09,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3879987039-2819738337-1481357284-1000_Classes\CLSID\{90077b0d-cc9e-4ab8-9dd8-fb919c673a9f}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
  1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Zeit der Fertigstellung: 2011-03-21  14:47:06
ComboFix-quarantined-files.txt  2011-03-21 13:47
.
Vor Suchlauf: 9.084.833.792 Bytes frei
Nach Suchlauf: 9.540.476.928 Bytes frei
.
- - End Of File - - 5EB948BF60B021B55AEA083ED1FAC8B2


cosinus 21.03.2011 15:59

Ok. Please now create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't work on the second attempt, just skip it and run only OSAM - please skip the online lookup by OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.


After that, please download MBRCheck (by a_d_13) and save the file to the desktop.
  • Double-click MBRCheck.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool needs only a few seconds.
  • Afterwards you should find an MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document

Lelouch 21.03.2011 16:51

Unfortunately GMER did not work.

osam:
Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 16:46:14 on 21.03.2011

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Opera Software Opera Internet Browser 11.01

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Control Panel Objects]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL
"Pando" - "Pando Networks" - C:\Program Files\Pando Networks\Media Booster\PMB.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\Windows\system32\drivers\aswFsBlk.sys
"aswMonFlt" (aswMonFlt) - "AVAST Software" - C:\Windows\system32\drivers\aswMonFlt.sys
"aswRdr" (aswRdr) - "AVAST Software" - C:\Windows\system32\drivers\aswRdr.sys
"aswSnx" (aswSnx) - "AVAST Software" - C:\Windows\system32\drivers\aswSnx.sys
"aswSP" (aswSP) - "AVAST Software" - C:\Windows\system32\drivers\aswSP.sys
"avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\Windows\system32\drivers\aswTdi.sys
"catchme" (catchme) - ? - C:\Users\***\AppData\Local\Temp\catchme.sys  (File not found)
"Driver for MagicISO SCSI Host Controller" (mcdbus) - "MagicISO, Inc." - C:\Windows\System32\DRIVERS\mcdbus.sys
"EagleNT" (EagleNT) - ? - C:\Windows\system32\drivers\EagleNT.sys  (File not found)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"NPPTNT2" (NPPTNT2) - "INCA Internet Co., Ltd." - C:\Windows\system32\npptNT2.sys
"XDva370" (XDva370) - ? - C:\Windows\system32\XDva370.sys  (File not found)
"XDva375" (XDva375) - ? - C:\Windows\system32\XDva375.sys  (File not found)
"XDva380" (XDva380) - ? - C:\Windows\system32\XDva380.sys  (File not found)
"XDva383" (XDva383) - ? - C:\Windows\system32\XDva383.sys  (File not found)

[Explorer]
-----( HKCU\Software\Classes\Folder\shellex\ColumnHandlers )-----
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\ashShell.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{913B3F0F-AB72-4223-82AD-D0F6531E06D2} "CTFtoolDrop.clsDropHandler" - "patpat" - C:\Windows\system32\CTFtoolDrop.dll
{32CC64CC-ABCD-1234-A268-E22E334933D7} "CTFtool_Menu" - "patpat" - C:\Windows\system32\CTFtoolMenu.dll
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{8A56567E-A333-4843-B6E1-C3A262E41D8C} "HashPage Class" - "Beeblebrox.org" - C:\Program Files\HashTab Shell Extension\HashTab32.dll
{B1883831-F0D8-4453-8245-EEAAD866DD6E} "HashTab Context Menu" - ? -  (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -  (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? -  (File not found | COM-object registry key not found)
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? -  (File not found | COM-object registry key not found)
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? -  (File not found | COM-object registry key not found)
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? -  (File not found | COM-object registry key not found)
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -  (File not found | COM-object registry key not found)
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -  (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "avast! WebRep" - ? - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} "avast! WebRep" - ? - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{0055C089-8582-441B-A0BF-17B458C2A3A8} "IDMIEHlprObj Class" - "Tonec Inc." - C:\Users\***\Downloads\IDMIECC.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"MagicDisc.lnk" - "MagicISO, Inc." - C:\Program Files\MagicDisc\MagicDisc.exe  (Shortcut exists | File exists)
"OpenOffice.org 3.2.lnk" - ? - C:\Program Files\OpenOffice.org 3\program\quickstart.exe  (Shortcut exists | File found, but it contains no detailed information | File exists)
"trayNotify.lnk" - "Dako-kun" - C:\Program Files\trayNotify\trayNotify.exe  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"IDMan" - "Tonec Inc." - C:\Users\***\Downloads\IDMan.exe /onboot
"uTorrent" - "BitTorrent, Inc." - "C:\Program Files\uTorrent\uTorrent.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"ATICCC" - ? - "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"  (File found, but it contains no detailed information)
"avast" - "AVAST Software" - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
"GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"avast! Antivirus" (avast! Antivirus) - "AVAST Software" - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
"nProtect GameGuard Service" (npggsvc) - "INCA Internet Co., Ltd." - C:\Windows\system32\GameMon.des
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

MBRCheck:
Code:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:                       
Windows Version:                Windows Vista Home Premium Edition
Windows Information:                Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer:        FUJITSU SIEMENS
BIOS Manufacturer:                FUJITSU SIEMENS
System Manufacturer:                FUJITSU SIEMENS
System Product Name:                AMILO Xi 1554
Logical Drives Mask:                0x0000017c

Kernel Drivers (total 152):
  0x82034000 \SystemRoot\system32\ntkrnlpa.exe
  0x82001000 \SystemRoot\system32\hal.dll
  0x8060C000 \SystemRoot\system32\kdcom.dll
  0x80613000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
  0x80683000 \SystemRoot\system32\PSHED.dll
  0x80694000 \SystemRoot\system32\BOOTVID.dll
  0x8069C000 \SystemRoot\system32\CLFS.SYS
  0x806DD000 \SystemRoot\system32\CI.dll
  0x8260E000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x8268A000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x82697000 \SystemRoot\system32\drivers\acpi.sys
  0x826DD000 \SystemRoot\system32\drivers\WMILIB.SYS
  0x826E6000 \SystemRoot\system32\drivers\msisadrv.sys
  0x826EE000 \SystemRoot\system32\drivers\pci.sys
  0x82715000 \SystemRoot\System32\drivers\partmgr.sys
  0x82724000 \SystemRoot\system32\DRIVERS\compbatt.sys
  0x82727000 \SystemRoot\system32\DRIVERS\BATTC.SYS
  0x82731000 \SystemRoot\system32\drivers\volmgr.sys
  0x82740000 \SystemRoot\System32\drivers\volmgrx.sys
  0x8278A000 \SystemRoot\system32\drivers\intelide.sys
  0x82791000 \SystemRoot\system32\drivers\PCIIDEX.SYS
  0x8279F000 \SystemRoot\System32\drivers\mountmgr.sys
  0x827AF000 \SystemRoot\system32\drivers\atapi.sys
  0x827B7000 \SystemRoot\system32\drivers\ataport.SYS
  0x827D5000 \SystemRoot\system32\drivers\viamraid.sys
  0x807BD000 \SystemRoot\system32\drivers\SCSIPORT.SYS
  0x82C08000 \SystemRoot\system32\drivers\vsmraid.sys
  0x82C26000 \SystemRoot\system32\drivers\storport.sys
  0x82C67000 \SystemRoot\system32\drivers\fltmgr.sys
  0x82C99000 \SystemRoot\system32\drivers\fileinfo.sys
  0x82CA9000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x82E05000 \SystemRoot\system32\drivers\ndis.sys
  0x82F10000 \SystemRoot\system32\drivers\msrpc.sys
  0x82F3B000 \SystemRoot\system32\drivers\NETIO.SYS
  0x88200000 \SystemRoot\System32\drivers\tcpip.sys
  0x882EA000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x88402000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x88512000 \SystemRoot\system32\drivers\volsnap.sys
  0x8854B000 \SystemRoot\System32\Drivers\spldr.sys
  0x88553000 \SystemRoot\System32\Drivers\mup.sys
  0x88562000 \SystemRoot\System32\drivers\ecache.sys
  0x88589000 \SystemRoot\system32\drivers\disk.sys
  0x8859A000 \SystemRoot\system32\drivers\CLASSPNP.SYS
  0x885BB000 \SystemRoot\system32\drivers\crcdisk.sys
  0x885F4000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x88305000 \SystemRoot\system32\DRIVERS\tunmp.sys
  0x8830E000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0x8831D000 \SystemRoot\system32\DRIVERS\CmBatt.sys
  0x8C006000 \SystemRoot\system32\DRIVERS\atikmdag.sys
  0x8C733000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x8C7D3000 \SystemRoot\System32\drivers\watchdog.sys
  0x8C7DF000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
  0x88321000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
  0x8C800000 \SystemRoot\system32\DRIVERS\NETwLv32.sys
  0x8CE5F000 \SystemRoot\system32\DRIVERS\usbuhci.sys
  0x8CE6A000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
  0x8CEA8000 \SystemRoot\system32\DRIVERS\usbehci.sys
  0x8CEB7000 \SystemRoot\system32\DRIVERS\ohci1394.sys
  0x8CEC7000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
  0x8CED5000 \SystemRoot\system32\DRIVERS\Rtlh86.sys
  0x8CEE4000 \SystemRoot\system32\DRIVERS\i8042prt.sys
  0x8CEF7000 \SystemRoot\system32\DRIVERS\kbdclass.sys
  0x8CF02000 \SystemRoot\system32\DRIVERS\mouclass.sys
  0x8CF0D000 \SystemRoot\system32\DRIVERS\cdrom.sys
  0x8CF25000 \SystemRoot\system32\DRIVERS\msiscsi.sys
  0x8CF54000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x8CF5F000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x8CF76000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x8CF81000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x8CFA4000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x8CFB3000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x8CFC7000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x8CFDC000 \SystemRoot\system32\DRIVERS\termdd.sys
  0x883AE000 \SystemRoot\system32\DRIVERS\mcdbus.sys
  0x8CFEC000 \SystemRoot\system32\DRIVERS\swenum.sys
  0x883CB000 \SystemRoot\system32\DRIVERS\ks.sys
  0x8CFEE000 \SystemRoot\system32\DRIVERS\mssmbios.sys
  0x8C7E8000 \SystemRoot\system32\DRIVERS\umbus.sys
  0x82F76000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0x82FAB000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x8D20A000 \SystemRoot\system32\DRIVERS\smserial.sys
  0x8D301000 \SystemRoot\system32\drivers\modem.sys
  0x8D40D000 \SystemRoot\system32\drivers\RTKVHDA.sys
  0x8D59D000 \SystemRoot\system32\drivers\portcls.sys
  0x8D5CA000 \SystemRoot\system32\drivers\drmk.sys
  0x8D30E000 \SystemRoot\System32\Drivers\aswSnx.SYS
  0x8D5EF000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
  0x8D5F8000 \SystemRoot\System32\Drivers\Null.SYS
  0x8D400000 \SystemRoot\System32\Drivers\Beep.SYS
  0x8D36C000 \SystemRoot\System32\drivers\vga.sys
  0x8D378000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x8D399000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x8D3A1000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x8D3A9000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x8D3B4000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x8D3C2000 \SystemRoot\System32\DRIVERS\rasacd.sys
  0x8D3CB000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x8D3E1000 \SystemRoot\System32\Drivers\aswTdi.SYS
  0x8D3EB000 \SystemRoot\system32\DRIVERS\smb.sys
  0x82D1A000 \SystemRoot\system32\drivers\afd.sys
  0x8D407000 \SystemRoot\System32\Drivers\aswRdr.SYS
  0x82FBC000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x82D62000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x82FEE000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x82D78000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x82D8B000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x8D200000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x82DC7000 \SystemRoot\System32\Drivers\dfsc.sys
  0x8DA08000 \SystemRoot\System32\Drivers\aswSP.SYS
  0x8DA50000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
  0x8DA65000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x8DA67000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x8DA74000 \SystemRoot\System32\Drivers\dump_diskdump.sys
  0x8DA7E000 \SystemRoot\System32\Drivers\dump_viamraid.sys
  0x8DA97000 \SystemRoot\System32\Drivers\BTHUSB.sys
  0x8DAA4000 \SystemRoot\System32\Drivers\bthport.sys
  0x8DB24000 \SystemRoot\system32\DRIVERS\hidusb.sys
  0x8DB2D000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
  0x8DB3D000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
  0x8DB44000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x8DB4C000 \SystemRoot\system32\DRIVERS\rfcomm.sys
  0x8DB75000 \SystemRoot\system32\DRIVERS\BthEnum.sys
  0x8DB7F000 \SystemRoot\system32\DRIVERS\bthpan.sys
  0x95A20000 \SystemRoot\System32\win32k.sys
  0x8DB99000 \SystemRoot\System32\drivers\Dxapi.sys
  0x8DBA3000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x95C40000 \SystemRoot\System32\TSDDD.dll
  0x95C60000 \SystemRoot\System32\cdd.dll
  0x95C70000 \SystemRoot\System32\ATMFD.DLL
  0x8DBB2000 \SystemRoot\system32\drivers\luafv.sys
  0x9880E000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
  0x98846000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
  0x98851000 \SystemRoot\system32\drivers\spsys.sys
  0x98901000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x98911000 \SystemRoot\system32\DRIVERS\nwifi.sys
  0x9893B000 \SystemRoot\system32\DRIVERS\ndisuio.sys
  0x98945000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x98958000 \SystemRoot\system32\drivers\HTTP.sys
  0x989C5000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x989E2000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x8DBCD000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x885C4000 \SystemRoot\system32\drivers\mrxdav.sys
  0x82DDE000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x9B600000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x9B639000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x9B651000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x9B679000 \SystemRoot\System32\DRIVERS\srv.sys
  0x9B6C7000 \SystemRoot\system32\drivers\peauth.sys
  0x9B7A5000 \SystemRoot\System32\Drivers\secdrv.SYS
  0x9B7AF000 \SystemRoot\System32\drivers\tcpipreg.sys
  0x9B7BB000 \SystemRoot\system32\DRIVERS\cdfs.sys
  0x76FB0000 \Windows\System32\ntdll.dll

Processes (total 59):
      0 System Idle Process
      4 System
    468 C:\Windows\System32\smss.exe
    584 csrss.exe
    636 C:\Windows\System32\wininit.exe
    648 csrss.exe
    680 C:\Windows\System32\services.exe
    736 C:\Windows\System32\winlogon.exe
    752 C:\Windows\System32\lsass.exe
    760 C:\Windows\System32\lsm.exe
    904 C:\Windows\System32\svchost.exe
    984 C:\Windows\System32\svchost.exe
    1020 C:\Windows\System32\svchost.exe
    1104 C:\Windows\System32\Ati2evxx.exe
    1132 C:\Windows\System32\svchost.exe
    1204 C:\Windows\System32\svchost.exe
    1216 C:\Windows\System32\svchost.exe
    1284 C:\Windows\System32\audiodg.exe
    1308 C:\Windows\System32\svchost.exe
    1328 C:\Windows\System32\SLsvc.exe
    1360 C:\Windows\System32\svchost.exe
    1440 C:\Windows\System32\Ati2evxx.exe
    1636 C:\Windows\System32\svchost.exe
    1768 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    2000 C:\Windows\System32\spoolsv.exe
    2024 C:\Windows\System32\svchost.exe
    652 C:\Windows\System32\svchost.exe
    1676 C:\Windows\System32\svchost.exe
    968 C:\Windows\System32\svchost.exe
    2092 C:\Windows\System32\svchost.exe
    2128 C:\Windows\System32\SearchIndexer.exe
    2448 C:\Windows\System32\dwm.exe
    2472 C:\Windows\explorer.exe
    2788 C:\Windows\System32\taskeng.exe
    2956 C:\Windows\System32\taskeng.exe
    3240 C:\Windows\RtHDVCpl.exe
    3360 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    3368 C:\Program Files\Common Files\Java\Java Update\jusched.exe
    3388 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    3396 C:\Program Files\AVAST Software\Avast\AvastUI.exe
    3484 C:\Program Files\uTorrent\uTorrent.exe
    3508 C:\Users\***\Downloads\IDMan.exe
    3580 C:\Program Files\MagicDisc\MagicDisc.exe
    3620 C:\Program Files\trayNotify\trayNotify.exe
    3688 C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    3744 C:\Program Files\OpenOffice.org 3\program\soffice.exe
    928 C:\Program Files\Mozilla Firefox\firefox.exe
    1532 C:\Program Files\OpenOffice.org 3\program\soffice.bin
    2756 C:\Windows\System32\svchost.exe
    2548 C:\Program Files\Mozilla Firefox\plugin-container.exe
    2424 C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    3148 C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    3720 C:\Users\***\Downloads\Neuer Ordner\osam.exe
    2340 C:\Windows\System32\notepad.exe
    1368 taskeng.exe
    2436 C:\Windows\System32\SearchProtocolHost.exe
    3292 C:\Windows\System32\SearchFilterHost.exe
    696 C:\Users\***\Desktop\MBRCheck.exe
    2704 C:\Windows\System32\conime.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`ee100000  (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000  (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000001e`6ef00000  (NTFS)
\\.\G: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000  (NTFS)

PhysicalDrive0 Model Number: WDCWD1600BEVS-22RST0, Rev: 04.01G04
PhysicalDrive1 Model Number: SAMSUNGHD501LJ, Rev: 0-06

      Size  Device Name          MBR Status
  --------------------------------------------
    149 GB  \\.\PhysicalDrive0  Windows 2008 MBR code detected
            SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
    465 GB  \\.\PhysicalDrive1  RE: Windows 98 MBR code detected
            SHA1: 48F01D7E76A0F3C038D08611E3FDC0EE4EF9FD3E


Done!


cosinus 21.03.2011 18:14

Quote:

"XDva370" (XDva370) - ? - C:\Windows\system32\XDva370.sys (File not found)
"XDva375" (XDva375) - ? - C:\Windows\system32\XDva375.sys (File not found)
"XDva380" (XDva380) - ? - C:\Windows\system32\XDva380.sys (File not found)
"XDva383" (XDva383) - ? - C:\Windows\system32\XDva383.sys (File not found)
Please disable and delete these entries with OSAM (delete from storage).

Lelouch 21.03.2011 18:54

When I disabled the data, no report appeared after the restart, or it did appear and I couldn't read it because a lot of the text is missing.

New OSAM log file:
Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 18:52:28 on 21.03.2011

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Opera Software Opera Internet Browser 11.01

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Control Panel Objects]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL
"Pando" - "Pando Networks" - C:\Program Files\Pando Networks\Media Booster\PMB.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\Windows\system32\drivers\aswFsBlk.sys
"aswMonFlt" (aswMonFlt) - "AVAST Software" - C:\Windows\system32\drivers\aswMonFlt.sys
"aswRdr" (aswRdr) - "AVAST Software" - C:\Windows\system32\drivers\aswRdr.sys
"aswSnx" (aswSnx) - "AVAST Software" - C:\Windows\system32\drivers\aswSnx.sys
"aswSP" (aswSP) - "AVAST Software" - C:\Windows\system32\drivers\aswSP.sys
"avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\Windows\system32\drivers\aswTdi.sys
"catchme" (catchme) - ? - C:\Users\***\AppData\Local\Temp\catchme.sys  (File not found)
"Driver for MagicISO SCSI Host Controller" (mcdbus) - "MagicISO, Inc." - C:\Windows\System32\DRIVERS\mcdbus.sys
"EagleNT" (EagleNT) - ? - C:\Windows\system32\drivers\EagleNT.sys  (File not found)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"NPPTNT2" (NPPTNT2) - "INCA Internet Co., Ltd." - C:\Windows\system32\npptNT2.sys

[Explorer]
-----( HKCU\Software\Classes\Folder\shellex\ColumnHandlers )-----
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\ashShell.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{913B3F0F-AB72-4223-82AD-D0F6531E06D2} "CTFtoolDrop.clsDropHandler" - "patpat" - C:\Windows\system32\CTFtoolDrop.dll
{32CC64CC-ABCD-1234-A268-E22E334933D7} "CTFtool_Menu" - "patpat" - C:\Windows\system32\CTFtoolMenu.dll
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{8A56567E-A333-4843-B6E1-C3A262E41D8C} "HashPage Class" - "Beeblebrox.org" - C:\Program Files\HashTab Shell Extension\HashTab32.dll
{B1883831-F0D8-4453-8245-EEAAD866DD6E} "HashTab Context Menu" - ? -  (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -  (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? -  (File not found | COM-object registry key not found)
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? -  (File not found | COM-object registry key not found)
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? -  (File not found | COM-object registry key not found)
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? -  (File not found | COM-object registry key not found)
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -  (File not found | COM-object registry key not found)
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -  (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "avast! WebRep" - ? - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} "avast! WebRep" - ? - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{0055C089-8582-441B-A0BF-17B458C2A3A8} "IDMIEHlprObj Class" - "Tonec Inc." - C:\Users\***\Downloads\IDMIECC.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"MagicDisc.lnk" - "MagicISO, Inc." - C:\Program Files\MagicDisc\MagicDisc.exe  (Shortcut exists | File exists)
"OpenOffice.org 3.2.lnk" - ? - C:\Program Files\OpenOffice.org 3\program\quickstart.exe  (Shortcut exists | File found, but it contains no detailed information | File exists)
"trayNotify.lnk" - "Dako-kun" - C:\Program Files\trayNotify\trayNotify.exe  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"IDMan" - "Tonec Inc." - C:\Users\***\Downloads\IDMan.exe /onboot
"uTorrent" - "BitTorrent, Inc." - "C:\Program Files\uTorrent\uTorrent.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"ATICCC" - ? - "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"  (File found, but it contains no detailed information)
"avast" - "AVAST Software" - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
"GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"avast! Antivirus" (avast! Antivirus) - "AVAST Software" - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
"nProtect GameGuard Service" (npggsvc) - "INCA Internet Co., Ltd." - C:\Windows\system32\GameMon.des
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru


cosinus 21.03.2011 19:14

Is the font still missing?
Can you create a new user profile via the Control Panel and check whether everything is still intact there?

Lelouch 21.03.2011 19:23

Yes, unfortunately the font is still missing, even with other user profiles :(
So the problem still persists :(

