Google öffnet falsche Internetseiten

cosinus · 16.07.2011, 01:12

Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.

Doppelklick auf die MBRCheck.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Das Tool braucht nur wenige Sekunden.
Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.

Poste mir bitte den Inhalt des .txt Dokumentes

hofi63 · 16.07.2011, 01:42

Die GMER ging nicht wie du vermutet hast, hie die Osam und die

OSAM Logfile:

Code:

ATTFilter

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 02:33:35 on 16.07.2011

OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - D:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - D:\Programme\Google\Update\GoogleUpdate.exe
"RealUpgradeLogonTaskS-1-5-21-1123561945-1500820517-839522115-1003.job" - "RealNetworks, Inc." - D:\Programme\Real\RealUpgrade\realupgrade.exe
"RealUpgradeScheduledTaskS-1-5-21-1123561945-1500820517-839522115-1003.job" - "RealNetworks, Inc." - D:\Programme\Real\RealUpgrade\realupgrade.exe
"1-Klick-Wartung.job" - "TuneUp Software GmbH" - D:\Programme\TuneUp Utilities 2006\SystemOptimizer.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - D:\WINDOWS\system32\FlashPlayerCPLApp.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal" - "Avira GmbH" - D:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"Nero BurnRights" - "Nero AG" - D:\Programme\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl
"QuickTime" - "Apple Inc." - D:\Programme\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgio" (avgio) - "Avira GmbH" - D:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - D:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - D:\WINDOWS\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - D:\ComboFix\catchme.sys  (File not found)
"Changer" (Changer) - ? - D:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"cpudrv" (cpudrv) - ? - D:\Programme\SystemRequirementsLab\cpudrv.sys  (File found, but it contains no detailed information)
"ElbyCDFL" (ElbyCDFL) - "Elaborate Bytes" - D:\WINDOWS\System32\Drivers\ElbyCDFL.sys
"ElbyCDIO Driver" (ElbyCDIO) - "Elaborate Bytes AG" - D:\WINDOWS\System32\Drivers\ElbyCDIO.sys
"i2omgmt" (i2omgmt) - ? - D:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"Ir-680 USB Infrared Adapter" (MA-620) - "Mobile Action Tech. Inc." - D:\WINDOWS\System32\DRIVERS\ir-680.sys
"lbrtfdc" (lbrtfdc) - ? - D:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - D:\WINDOWS\system32\drivers\mbam.sys
"MBAMSwissArmy" (MBAMSwissArmy) - "Malwarebytes Corporation" - D:\WINDOWS\system32\drivers\mbamswissarmy.sys
"mbr" (mbr) - ? - D:\DOKUME~1\Ich\LOKALE~1\Temp\mbr.sys  (Hidden registry entry, rootkit activity | File not found)
"Nal Service " (NAL) - "Intel Corporation " - D:\WINDOWS\system32\Drivers\iqvw32.sys
"PCIDump" (PCIDump) - ? - D:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - D:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - D:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - D:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - D:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"pxtdypoc" (pxtdypoc) - ? - D:\DOKUME~1\Ich\LOKALE~1\Temp\pxtdypoc.sys  (Hidden registry entry, rootkit activity | File not found)
"ssmdrv" (ssmdrv) - "Avira GmbH" - D:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"WDICA" (WDICA) - ? - D:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{BDEADF00-C265-11d0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - D:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - D:\WINDOWS\system32\Rundll32.exe D:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{7D4D6379-F301-4311-BEBA-E26EB0561882} "NeroDigitalColumnHandler Class" - "Nero AG" - D:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - D:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - D:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - D:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - D:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - D:\Programme\7-Zip\7-zip.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - D:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{32683183-48a0-441b-a342-7c2a440a9478} "Media Band" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - D:\Programme\Microsoft Office\OFFICE11\msohev.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - D:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - D:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{B327765E-D724-4347-8B16-78AE18552FC3} "NeroDigitalIconHandler Class" - "Nero AG" - D:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{7F1CF152-04F8-453A-B34C-E609530A9DC8} "NeroDigitalPropSheetHandler Class" - "Nero AG" - D:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroDigitalExt.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - D:\PROGRA~1\MICROS~3\Office\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - D:\Programme\Real\RealPlayer\rpshell.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - D:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - D:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - D:\WINDOWS\system32\dfshim.dll
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software GmbH" - D:\Programme\TuneUp Utilities 2006\SDShelEx-win32.dll
{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software GmbH" - D:\WINDOWS\system32\uxtuneup.dll

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{32683183-48a0-441b-a342-7c2a440a9478} "{32683183-48a0-441b-a342-7c2a440a9478}" - ? -   (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)
<binary data> "{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
DirectAnimation Java Classes "DirectAnimation Java Classes" - ? -   (File not found | COM-object registry key not found) / file://D:\WINDOWS\Java\classes\dajava.cab
Microsoft XML Parser for Java "Microsoft XML Parser for Java" - ? -   (File not found | COM-object registry key not found) / file://D:\WINDOWS\Java\classes\xmldso.cab
{CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} "SysInfo Class" - "Husdawg, LLC" - D:\Programme\SystemRequirementsLab\srldetect_intel_4.3.16.0.dll / hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.3.16.0.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -   (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"Messenger" - ? - D:\Programme\Messenger\msmsgs.exe  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - D:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - D:\Dokumente und Einstellungen\Ich\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" - "Nero AG" - "D:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "D:\Programme\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"ArcSoft Connection Service" - "ArcSoft Inc." - D:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe
"avgnt" - "Avira GmbH" - "D:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"CloneCDElbyCDFL" - "Elaborate Bytes" - "C:\Programme\CloneCD\ElbyCheck.exe" /L ElbyCDFL
"iTunesHelper" - "Apple Inc." - "D:\Programme\iTunes\iTunesHelper.exe"
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "D:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"QuickTime Task" - "Apple Inc." - "D:\Programme\QuickTime\qttask.exe" -atboottime
"sfagent" - "SPAMfighter ApS" - D:\Programme\Fighters\SPAMfighter\sfagent.exe
"TkBellExe" - "RealNetworks, Inc." - "D:\Programme\Real\RealPlayer\update\realsched.exe"  -osboot

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - D:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - D:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Automatic Updates" (wuauserv) - ? - C:\WINDOWS\system32\wuauserv.dll  (File not found)
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - D:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - D:\Programme\Avira\AntiVir Desktop\sched.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - D:\Programme\Google\Update\GoogleUpdate.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - D:\Programme\iPod\bin\iPodService.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - D:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware\mbamservice.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"SPAMfighter Update Service" (SPAMfighter Update Service) - "SPAMfighter ApS" - D:\Programme\Fighters\SPAMfighter\sfus.exe
"Suite Service" (Suite Service) - "SPAMfighter ApS" - D:\Programme\Fighters\FighterSuiteService.exe
"TuneUp Designerweiterung" (UxTuneUp) - "TuneUp Software GmbH" - D:\WINDOWS\System32\uxtuneup.dll

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001d

Kernel Drivers (total 124):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806EF000 \WINDOWS\system32\hal.dll
0xF7B09000 \WINDOWS\system32\KDCOM.DLL
0xF7A19000 \WINDOWS\system32\BOOTVID.dll
0xF75B9000 ACPI.sys
0xF7B0B000 \WINDOWS\System32\DRIVERS\WMILIB.SYS
0xF75A8000 pci.sys
0xF7609000 isapnp.sys
0xF7BD1000 pciide.sys
0xF7889000 \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
0xF7B0D000 intelide.sys
0xF7619000 MountMgr.sys
0xF7589000 ftdisk.sys
0xF7B0F000 dmload.sys
0xF7563000 dmio.sys
0xF7891000 PartMgr.sys
0xF7629000 VolSnap.sys
0xF754B000 atapi.sys
0xF7639000 disk.sys
0xF7649000 \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
0xF752B000 fltmgr.sys
0xF7519000 sr.sys
0xF7502000 KSecDD.sys
0xF7475000 Ntfs.sys
0xF7448000 NDIS.sys
0xF7659000 Combo-Fix.sys
0xF742E000 Mup.sys
0xF7679000 \SystemRoot\System32\DRIVERS\intelppm.sys
0xF730F000 \SystemRoot\system32\DRIVERS\ialmnt5.sys
0xF72FB000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF7929000 \SystemRoot\System32\DRIVERS\usbuhci.sys
0xF72D7000 \SystemRoot\System32\DRIVERS\USBPORT.SYS
0xF7931000 \SystemRoot\System32\DRIVERS\usbehci.sys
0xF72B0000 \SystemRoot\System32\DRIVERS\e100b325.sys
0xF7689000 \SystemRoot\System32\DRIVERS\i8042prt.sys
0xF7939000 \SystemRoot\System32\DRIVERS\kbdclass.sys
0xF7941000 \SystemRoot\System32\DRIVERS\mouclass.sys
0xF7949000 \SystemRoot\System32\DRIVERS\fdc.sys
0xF727C000 \SystemRoot\System32\DRIVERS\parport.sys
0xF7699000 \SystemRoot\System32\DRIVERS\serial.sys
0xF7AE5000 \SystemRoot\System32\DRIVERS\serenum.sys
0xF76A9000 \SystemRoot\System32\DRIVERS\imapi.sys
0xF7B29000 \SystemRoot\System32\Drivers\ElbyCDFL.sys
0xF76B9000 \SystemRoot\System32\DRIVERS\cdrom.sys
0xF76C9000 \SystemRoot\System32\DRIVERS\redbook.sys
0xF7259000 \SystemRoot\System32\DRIVERS\ks.sys
0xF7951000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xF71CB000 \SystemRoot\system32\drivers\smwdm.sys
0xF71A7000 \SystemRoot\system32\drivers\portcls.sys
0xF76D9000 \SystemRoot\system32\drivers\drmk.sys
0xF7B2B000 \SystemRoot\system32\drivers\aeaudio.sys
0xF7CFF000 \SystemRoot\System32\DRIVERS\audstub.sys
0xF7959000 \SystemRoot\System32\DRIVERS\rasirda.sys
0xF7961000 \SystemRoot\System32\DRIVERS\TDI.SYS
0xF76E9000 \SystemRoot\System32\DRIVERS\rasl2tp.sys
0xF7AF1000 \SystemRoot\System32\DRIVERS\ndistapi.sys
0xF7190000 \SystemRoot\System32\DRIVERS\ndiswan.sys
0xF76F9000 \SystemRoot\System32\DRIVERS\raspppoe.sys
0xF7709000 \SystemRoot\System32\DRIVERS\raspptp.sys
0xF717F000 \SystemRoot\System32\DRIVERS\psched.sys
0xF7719000 \SystemRoot\System32\DRIVERS\msgpc.sys
0xF7979000 \SystemRoot\System32\DRIVERS\ptilink.sys
0xF7981000 \SystemRoot\System32\DRIVERS\raspti.sys
0xF6CE9000 \SystemRoot\System32\DRIVERS\rdpdr.sys
0xF7729000 \SystemRoot\System32\DRIVERS\termdd.sys
0xF7B2D000 \SystemRoot\System32\DRIVERS\swenum.sys
0xF6C4C000 \SystemRoot\System32\DRIVERS\update.sys
0xF73F9000 \SystemRoot\System32\DRIVERS\mssmbios.sys
0xF7739000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF7769000 \SystemRoot\System32\DRIVERS\usbhub.sys
0xF7B2F000 \SystemRoot\System32\DRIVERS\USBD.SYS
0xF7989000 \SystemRoot\System32\DRIVERS\flpydisk.sys
0xF7B31000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7C32000 \SystemRoot\System32\Drivers\Null.SYS
0xF7B33000 \SystemRoot\System32\Drivers\Beep.SYS
0xF7999000 \SystemRoot\System32\drivers\vga.sys
0xF7B35000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7B37000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF79A1000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF79A9000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7AA5000 \SystemRoot\System32\DRIVERS\rasacd.sys
0xEEAA9000 \SystemRoot\System32\DRIVERS\ipsec.sys
0xEEA50000 \SystemRoot\System32\DRIVERS\tcpip.sys
0xEEA28000 \SystemRoot\System32\DRIVERS\netbt.sys
0xEEA06000 \SystemRoot\System32\drivers\afd.sys
0xF7789000 \SystemRoot\System32\DRIVERS\netbios.sys
0xF79B1000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xEE9DB000 \SystemRoot\System32\DRIVERS\rdbss.sys
0xEE96B000 \SystemRoot\System32\DRIVERS\mrxsmb.sys
0xF77A9000 \SystemRoot\System32\Drivers\Fips.SYS
0xEE945000 \SystemRoot\System32\DRIVERS\ipnat.sys
0xF77B9000 \SystemRoot\System32\DRIVERS\wanarp.sys
0xEE8F6000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xF7AD9000 \SystemRoot\system32\DRIVERS\usbscan.sys
0xF7B3F000 \??\D:\Programme\Avira\AntiVir Desktop\avgio.sys
0xF7809000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xEE8DE000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF7B47000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF6C34000 \SystemRoot\System32\drivers\Dxapi.sys
0xF79C9000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7CDB000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF020000 \SystemRoot\System32\ialmdnt5.dll
0xBF012000 \SystemRoot\System32\ialmrnt5.dll
0xBF03F000 \SystemRoot\System32\ialmdev5.DLL
0xBF06B000 \SystemRoot\System32\ialmdd5.DLL
0xEE7AF000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xEE832000 \??\D:\WINDOWS\system32\drivers\mbam.sys
0xEE721000 \SystemRoot\system32\DRIVERS\irda.sys
0xEE7CA000 \SystemRoot\System32\DRIVERS\ndisuio.sys
0xEE424000 \SystemRoot\System32\DRIVERS\mrxdav.sys
0xEE3E7000 \SystemRoot\system32\drivers\wdmaud.sys
0xEE5C1000 \SystemRoot\system32\drivers\sysaudio.sys
0xF7B53000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xEE5F1000 \SystemRoot\System32\Drivers\ElbyCDIO.sys
0xEE0B9000 \SystemRoot\System32\DRIVERS\srv.sys
0xEDBED000 \SystemRoot\System32\Drivers\HTTP.sys
0xED988000 \SystemRoot\System32\DRIVERS\ipfltdrv.sys
0xED885000 \SystemRoot\system32\drivers\kmixer.sys
0xF7909000 \??\D:\ComboFix\catchme.sys
0xF7B43000 \??\D:\WINDOWS\system32\Drivers\PROCEXP113.SYS
0xED68C000 \??\D:\DOKUME~1\Ich\LOKALE~1\Temp\pxtdypoc.sys
0x7C910000 \WINDOWS\system32\ntdll.dll

Processes (total 209):
0 System Idle Process
4 System
596 D:\WINDOWS\system32\smss.exe
660 csrss.exe
684 D:\WINDOWS\system32\winlogon.exe
728 D:\WINDOWS\system32\services.exe
740 D:\WINDOWS\system32\lsass.exe
916 D:\WINDOWS\system32\svchost.exe
984 svchost.exe
1080 D:\WINDOWS\system32\svchost.exe
1156 svchost.exe
1288 svchost.exe
1716 D:\Programme\Avira\AntiVir Desktop\sched.exe
1804 svchost.exe
332 D:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
344 D:\Programme\Avira\AntiVir Desktop\avguard.exe
372 D:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
500 D:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware\mbamservice.exe
1068 D:\Programme\Avira\AntiVir Desktop\avshadow.exe
2028 D:\Programme\Fighters\SPAMfighter\sfus.exe
228 D:\WINDOWS\system32\svchost.exe
1548 D:\Programme\Fighters\FighterSuiteService.exe
384 wdfmgr.exe
288 D:\WINDOWS\system32\wscntfy.exe
212 D:\Programme\Avira\AntiVir Desktop\avgnt.exe
128 D:\Programme\Fighters\SPAMfighter\sfagent.exe
1324 D:\WINDOWS\system32\hkcmd.exe
1064 D:\Programme\Real\RealPlayer\Update\realsched.exe
1700 D:\Programme\iTunes\iTunesHelper.exe
2088 D:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe
2176 D:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
2884 alg.exe
3108 D:\Programme\iPod\bin\iPodService.exe
3952 D:\WINDOWS\explorer.exe
2512 D:\Programme\Internet Explorer\iexplore.exe
3504 D:\WINDOWS\system32\ctfmon.exe
3956 D:\Programme\Internet Explorer\iexplore.exe
3592 D:\WINDOWS\system32\spoolsv.exe
2032 D:\Dokumente und Einstellungen\Ich\Desktop\osam.exe
2464 D:\WINDOWS\system32\notepad.exe
3120 D:\Dokumente und Einstellungen\Ich\Desktop\MBRCheck.exe
3444 <unknown>
1468 <unknown>
2004 <unknown>
3656 <unknown>
2444 <unknown>
1008 <unknown>
2960 <unknown>
2280 <unknown>
2484 <unknown>
1060 <unknown>
3324 <unknown>
3428 <unknown>
2620 <unknown>
2708 <unknown>
2644 <unknown>
2668 <unknown>
4088 <unknown>
1368 <unknown>
3216 <unknown>
3304 <unknown>
1924 <unknown>
4024 <unknown>
420 <unknown>
624 <unknown>
152 <unknown>
2724 <unknown>
2828 <unknown>
184 <unknown>
1664 <unknown>
3552 <unknown>
1436 <unknown>
1328 <unknown>
232 <unknown>
3380 <unknown>
3648 <unknown>
4052 <unknown>
3508 <unknown>
1428 <unknown>
460 <unknown>
3048 <unknown>
2776 <unknown>
3652 <unknown>
3964 <unknown>
2680 <unknown>
2468 <unknown>
1272 <unknown>
2916 <unknown>
224 <unknown>
2140 <unknown>
3432 <unknown>
2200 <unknown>
976 <unknown>
832 <unknown>
1780 <unknown>
3848 <unknown>
208 <unknown>
3784 <unknown>
1168 <unknown>
2720 <unknown>
1836 <unknown>
1840 <unknown>
2688 <unknown>
3932 <unknown>
2128 <unknown>
4028 <unknown>
2308 <unknown>
1352 <unknown>
2456 <unknown>
2892 <unknown>
2748 <unknown>
1944 <unknown>
2316 <unknown>
2268 <unknown>
2164 <unknown>
2992 <unknown>
2324 <unknown>
3236 <unknown>
616 <unknown>
2552 <unknown>
1296 <unknown>
2560 <unknown>
2832 <unknown>
2812 <unknown>
4064 <unknown>
3276 <unknown>
4076 <unknown>
2864 D:\Programme\Real\RealPlayer\realplay.exe
576 <unknown>
3644 <unknown>
2944 <unknown>
1912 <unknown>
1508 <unknown>
1560 <unknown>
168 <unknown>
1980 <unknown>
2932 <unknown>
3436 <unknown>
2364 <unknown>
640 <unknown>
1224 <unknown>
4084 <unknown>
2372 <unknown>
1956 <unknown>
1824 <unknown>
4060 <unknown>
2648 <unknown>
2108 <unknown>
552 <unknown>
3548 <unknown>
2924 <unknown>
3336 <unknown>
2136 <unknown>
3528 <unknown>
2628 <unknown>
956 <unknown>
2288 <unknown>
1384 D:\Programme\Real\RealPlayer\realplay.exe
2896 <unknown>
3740 <unknown>
3572 <unknown>
3860 <unknown>
4124 <unknown>
4192 <unknown>
4268 <unknown>
4336 <unknown>
4404 <unknown>
4472 <unknown>
4540 <unknown>
4608 <unknown>
4676 <unknown>
4744 <unknown>
4820 <unknown>
4888 <unknown>
4956 <unknown>
5024 <unknown>
5092 <unknown>
5160 <unknown>
5228 <unknown>
5296 D:\Programme\Real\RealPlayer\realplay.exe
5372 <unknown>
5440 <unknown>
5508 <unknown>
5576 <unknown>
5644 <unknown>
5712 <unknown>
5780 <unknown>
5848 D:\Programme\Real\RealPlayer\realplay.exe
5924 <unknown>
5992 <unknown>
6060 <unknown>
6128 <unknown>
1244 D:\Programme\Real\RealPlayer\realplay.exe
1884 <unknown>
520 <unknown>
1260 <unknown>
2012 <unknown>
4108 <unknown>
4184 <unknown>
4260 <unknown>
4496 D:\Programme\Real\RealPlayer\realplay.exe
5552 <unknown>
6012 <unknown>
3840 <unknown>
2744 <unknown>
4180 <unknown>
4656 <unknown>
4796 <unknown>
5020 <unknown>

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000004`e22d6a00 (NTFS)

PhysicalDrive0 Model Number: IC35L040AVVN07-0, Rev: VA2OAG0A

Size Device Name MBR Status
--------------------------------------------
38 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11

Done!

Google öffnet falsche Internetseiten

Log-Analyse und Auswertung: Google öffnet falsche Internetseiten

Google öffnet falsche Internetseiten

Google öffnet falsche Internetseiten

Ähnliche Themen: Google öffnet falsche Internetseiten