A VIRUS has settled in

#0
14.07.2010, 14:27
Member
Thread starter, Posts: 262

14.07.2010, 14:29
Member
Thread starter, Posts: 262
#32
I'm letting GMER scan now; it's taking longer.

14.07.2010, 14:59
Member
Thread starter, Posts: 262
#33
The GMER scan is giving me problems.

14.07.2010, 15:03
Member
Thread starter, Posts: 262
#34
TDSS Killer
works for a few seconds in the DOS window, then -> "press a key" and that's it; no log appears and the DOS window is closed.

14.07.2010, 15:05
Member
Thread starter, Posts: 262
#35
How long does the GMER scan take?
After half an hour it stops and I can't do anything except move the hourglass. Something is not right.

14.07.2010, 15:17
Member
Posts: 420
#36
OK, leave GMER, it sometimes causes problems.
Let's scan with RootRepeal: http://sites.google.com/site/rootrepeal/ Start RootRepeal. Close all other programs and switch off the AV guard. Go to Report. Click Scan. Tick all the checkboxes. Confirm with OK. Post the log. The TDSS log can be found under C:.

14.07.2010, 15:18
Member
Thread starter, Posts: 262
#37
GMER finished scanning - it automatically leads to a restart of Windows.
Where exactly do I find the GMER log?

14.07.2010, 15:28
Member
Thread starter, Posts: 262
#38
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/07/14 15:26
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

14.07.2010, 15:30
Member
Thread starter, Posts: 262
#39
Small success:
FF works again, but unfortunately IE does not.

14.07.2010, 15:46
Member
Thread starter, Posts: 262
#40
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/07/14 15:43
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

14.07.2010, 15:55
Member
Thread starter, Posts: 262
#41
15:18:31:359 2596 TDSS rootkit removing tool 2.3.2.2 Jun 30 2010 17:23:49
(edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 15:18:35:078 2596 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys 15:18:35:109 2596 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 15:18:35:140 2596 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 15:18:35:203 2596 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 15:18:35:203 2596 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 15:18:35:234 2596 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 15:18:35:281 2596 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 15:18:35:437 2596 nv (70cb8915895ccb92ddf23ce890c4f5be) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 15:18:35:687 2596 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 15:18:35:703 2596 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 15:18:35:734 2596 OADevice (477030e70f8eb2a6fdac1c4d8e4f98ca) C:\WINDOWS\system32\drivers\OADriver.sys 15:18:35:765 2596 OAmon (6a976a0472a03c96afb5c8bd3fb996fc) C:\WINDOWS\system32\drivers\OAmon.sys 15:18:35:796 2596 OAnet (ac36ff4faa60258fcc6ba6476c2fed82) C:\WINDOWS\system32\drivers\OAnet.sys 15:18:35:843 2596 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 15:18:35:859 2596 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys 15:18:35:890 2596 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 15:18:35:921 2596 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys 15:18:35:953 2596 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys 15:18:36:000 2596 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys 15:18:36:031 2596 Pcmcia 
(a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys 15:18:36:171 2596 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 15:18:36:203 2596 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 15:18:36:265 2596 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 15:18:36:296 2596 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 15:18:36:312 2596 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 15:18:36:343 2596 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 15:18:36:359 2596 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 15:18:36:375 2596 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 15:18:36:390 2596 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 15:18:36:421 2596 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys 15:18:36:578 2596 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 15:18:36:703 2596 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 15:18:36:750 2596 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys 15:18:36:765 2596 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 15:18:36:781 2596 sfng32 (5fe18fff6fbcf218290042009eab023d) C:\WINDOWS\system32\drivers\sfng32.sys 15:18:36:828 2596 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 15:18:36:859 2596 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys 15:18:36:890 2596 Srv (89220b427890aa1dffd1a02648ae51c3) C:\WINDOWS\system32\DRIVERS\srv.sys 15:18:36:968 2596 STHDA (784b73bd9d1c0fba6ca96e8976f4b0e6) C:\WINDOWS\system32\drivers\sthda.sys 15:18:37:015 2596 swenum 
(3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 15:18:37:046 2596 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 15:18:37:093 2596 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 15:18:37:140 2596 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 15:18:37:171 2596 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 15:18:37:203 2596 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 15:18:37:234 2596 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 15:18:37:265 2596 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 15:18:37:312 2596 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 15:18:37:359 2596 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 15:18:37:375 2596 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 15:18:37:390 2596 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 15:18:37:421 2596 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 15:18:37:468 2596 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 15:18:37:484 2596 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 15:18:37:500 2596 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 15:18:37:531 2596 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 15:18:37:546 2596 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys 15:18:37:578 2596 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 15:18:37:609 2596 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 15:18:37:609 2596 15:18:37:609 
2596 Completed 15:18:37:609 2596 15:18:37:609 2596 Results: 15:18:37:609 2596 Registry objects infected / cured / cured on reboot: 0 / 0 / 0 15:18:37:609 2596 File objects infected / cured / cured on reboot: 0 / 0 / 0 15:18:37:609 2596 15:18:37:625 2596 KLMD(ARK) unloaded successfully |
|
|
||
14.07.2010, 16:17
Member
Posts: 420 |
#42
Unfortunately the Gmer log can't be found that way, but that's not a problem.
Reinstall IE8; you probably have the broken IE7 after the System Restore. That can wait for now, though.
1. Panda ActiveScan2.0 http://www.pandasecurity.com/homeusers/solutions/activescan/
Click Scan your PC now.
Select Quick Scan, click Scan now and follow the instructions.
At the end of the scan a results page is shown; at the top right you can save the results to a text file.
Please post the contents of the file. |
|
|
||
14.07.2010, 19:51
Member
Thread starter Posts: 262 |
#43
I simply copied the results page.
ActiveScan 2.0
Startseite | Teilen Sie uns Ihre Meinung mit! | Hilfe
Ergebnisse Scanvorgang
Suche nach Viren, Spyware, Trojanern und anderen Bedrohungen. Dieser Vorgang kann abhängig von der Datenmenge auf Ihrem Computer einige Minuten dauern.
100%
Element in Bearbeitung: c:\windows\zip.exe
Gescannte Dateien: 3027
Infizierte Dateien: 0
Verdächtige Dateien erkannt: 0
Schwachstellen erkannt: 0
Ihr PC ist momentan nicht infiziert. |
|
|
||
14.07.2010, 20:13
Member
Thread starter Posts: 262 |
#44
Downloaded IE 8 again, now it works.
But I don't want to be too euphoric; last time it ran a few times and then stopped working. Let's wait and see. Do we have the virus under control? |
|
|
||
14.07.2010, 20:38
Member
Posts: 420 |
#45
Hm, are you sure the scan had already finished? The results page looks different.
Well, it looks pretty good anyway. Let's do one more control scan with OTL. Please start OTL, click Quick Scan and post the OTL.txt |
|
|
||
The system was scanned and 743 errors were found; 25 could supposedly be fixed by the shareware.