
Pests of all kinds and how to fight them: Browsers no longer start, Google sends me to the wrong pages


21.01.2012, 17:12   #1
SaberR
 



Hello,
I have two problems. The bigger of the two:
Since today my PC no longer opens any browser. I normally use Firefox (current version). I also tried Internet Explorer, and I still have Chrome installed. When I try to start the respective exe, my PC loads briefly and nothing opens at all (nothing shows up in Task Manager either). I use Windows 7 on a 64-bit system. Other programs seem to work normally.

My second problem (which of course is moot at the moment without a browser) is that a Google search always sends me to the wrong pages. If I then press the "Back" button several times, I usually end up on the page I actually selected.

I use the Comodo firewall + virus scanner. A virus scan found nothing. A run with Malwarebytes found nothing this time. I have had virus/malware problems in the past, but those two programs were able to remove them.


Here are the OTL logs:

Code:
OTL logfile created on: 21.01.2012 17:45:25 - Run 6
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Mark\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,99 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 55,80% Memory free
7,99 Gb Paging File | 6,12 Gb Available in Paging File | 76,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 9,17 Gb Free Space | 18,79% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 44,33 Gb Free Space | 30,26% Space Free | Partition Type: NTFS
Drive E: | 166,02 Gb Total Space | 29,27 Gb Free Space | 17,63% Space Free | Partition Type: NTFS
Drive F: | 104,43 Gb Total Space | 37,64 Gb Free Space | 36,05% Space Free | Partition Type: NTFS
Drive H: | 3,91 Gb Total Space | 3,83 Gb Free Space | 98,00% Space Free | Partition Type: FAT32
 
Computer Name: MARK-PC | User Name: Mark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Mark\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - F:\poker\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)
PRC - F:\poker\PostgreSQL\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (CLPSLS) -- C:\Programme\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (postgresql-8.4) -- F:\poker\PostgreSQL\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (cmderd) -- C:\Windows\SysNative\drivers\cmderd.sys (COMODO)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (XENfiltv) -- C:\Windows\SysNative\drivers\XENfiltv.sys (Creative Technology Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (smserial) -- C:\Windows\SysNative\drivers\SmSerl64.sys (Motorola Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.qip.ru/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 45 8B 12 10 59 D1 CA 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.qip.ru/ie
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\InprocServer32 File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:62141
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.6
FF - prefs.js..extensions.enabledItems: handfire@thehandconverter.com:0.1.5
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: bug489729@alice0775:1.3
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.3&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 62141
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.23 14:45:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.01.09 16:04:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.07 19:02:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.15 20:54:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.08.18 15:12:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.01.15 20:54:48 | 000,000,000 | ---D | M]
 
[2010.04.01 06:58:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark\AppData\Roaming\mozilla\Extensions
[2010.04.01 06:58:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.01.10 20:39:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark\AppData\Roaming\mozilla\Firefox\Profiles\mfzfdpv8.default\extensions
[2011.06.12 14:27:55 | 000,000,000 | ---D | M] (QipAuthorizer) -- C:\Users\Mark\AppData\Roaming\mozilla\Firefox\Profiles\mfzfdpv8.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
[2012.01.05 01:39:55 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Mark\AppData\Roaming\mozilla\Firefox\Profiles\mfzfdpv8.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.07.04 14:54:25 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Mark\AppData\Roaming\mozilla\Firefox\Profiles\mfzfdpv8.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2011.10.15 18:46:25 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Mark\AppData\Roaming\mozilla\Firefox\Profiles\mfzfdpv8.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.04.25 20:54:40 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Mark\AppData\Roaming\mozilla\Firefox\Profiles\mfzfdpv8.default\extensions\battlefieldplay4free@ea.com
[2011.04.21 01:55:55 | 000,000,000 | ---D | M] ("bug489729") -- C:\Users\Mark\AppData\Roaming\mozilla\Firefox\Profiles\mfzfdpv8.default\extensions\bug489729@alice0775
[2010.04.07 19:16:34 | 000,000,000 | ---D | M] ("Handfire") -- C:\Users\Mark\AppData\Roaming\mozilla\Firefox\Profiles\mfzfdpv8.default\extensions\handfire@thehandconverter.com
[2010.12.04 15:24:04 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Mark\AppData\Roaming\mozilla\Firefox\Profiles\mfzfdpv8.default\extensions\vshare@toolbar
[2012.01.01 18:36:36 | 000,002,391 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\askcom.xml
[2012.01.17 15:44:15 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-1.xml
[2010.11.27 00:00:16 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-10.xml
[2010.12.13 01:29:21 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-11.xml
[2011.03.03 22:07:03 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-12.xml
[2011.03.06 15:34:28 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-13.xml
[2011.03.25 16:02:54 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-14.xml
[2011.04.07 01:45:18 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-15.xml
[2011.06.21 21:15:09 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-16.xml
[2011.08.17 19:01:20 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-17.xml
[2011.09.01 11:55:32 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-18.xml
[2011.09.07 17:37:18 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-19.xml
[2010.06.24 18:05:13 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-2.xml
[2011.09.11 18:32:34 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-20.xml
[2011.10.01 14:39:17 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-21.xml
[2011.10.06 15:14:07 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-22.xml
[2011.11.08 19:39:13 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-23.xml
[2012.01.01 18:39:32 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-24.xml
[2012.01.07 19:02:16 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-25.xml
[2012.01.11 01:30:15 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-26.xml
[2010.07.21 15:11:32 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-3.xml
[2010.07.24 15:16:13 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-4.xml
[2010.09.08 22:12:23 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-5.xml
[2010.09.17 10:51:16 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-6.xml
[2010.10.20 14:19:19 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-7.xml
[2010.10.28 19:20:11 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-8.xml
[2010.10.30 11:11:41 | 000,000,950 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin-9.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\icqplugin.xml
[2011.06.13 12:32:41 | 000,002,062 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\qip-search.xml
[2011.10.15 18:46:15 | 000,003,915 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\searchplugins\sweetim.xml
[2012.01.11 01:30:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.09 16:04:18 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
() (No name found) -- C:\USERS\MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MFZFDPV8.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MFZFDPV8.DEFAULT\EXTENSIONS\FFXTLBR@FACEMOODS.COM.XPI
() (No name found) -- C:\USERS\MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MFZFDPV8.DEFAULT\EXTENSIONS\ICH@MALTEGOETZ.DE.XPI
[2012.01.07 19:02:04 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.10.01 14:38:48 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.01 14:38:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.01 14:38:48 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.02.28 20:00:31 | 000,002,046 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2011.10.01 14:38:48 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.01 14:38:48 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.01 14:38:48 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RayV Plugin (Enabled) = C:\Program Files (x86)\RayV\RayV\plugins\nprayvplugin.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Mark\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: No name found = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Mark\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4 - HKLM..\Run: [COMODO] C:\Programme\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO)
O4 - HKLM..\Run: [CPA] C:\Programme\COMODO\COMODO GeekBuddy\VALA.exe (COMODO)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Steam] F:\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O8:64bit: - Extra context menu item: Web-Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: Web-Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - e:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - f:\poker\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - f:\poker\PartyGaming\PartyPoker\RunApp.exe ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A25F6BA-D8E7-4EA0-9407-9F8E5E0EA8CA}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A25F6BA-D8E7-4EA0-9407-9F8E5E0EA8CA}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BFBC0C73-8713-4369-8AD9-1C5E85151453}: NameServer = 8.26.56.26,156.154.70.22
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) -C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {39574CB9-3CEB-BEED-8769-A82FA24D98F8} - Java (Sun)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpFolder: C:^Users^Mark^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk - C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE - ()
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - StartUpReg: IAAnotif - hkey= - key= - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: KPeerNexonEU - hkey= - key= - C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
MsConfig:64bit - StartUpReg: QIP Internet Guardian - hkey= - key= - C:\Users\Mark\AppData\Roaming\QipGuard\QipGuard.exe ()
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: RayV - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig:64bit - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.21 17:04:29 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Mark\Desktop\OTL.exe
[2012.01.21 17:04:22 | 015,134,848 | ---- | C] (Mozilla) -- C:\Users\Mark\Desktop\Firefox_Setup_9.0.1.exe
[2012.01.21 16:43:23 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Mark\Desktop\HiJackThis.exe
[2012.01.21 14:33:23 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.01.15 20:53:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.01.15 20:53:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.01.14 12:43:17 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.14 12:43:16 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.01.14 12:43:16 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.01.14 12:43:16 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.01.14 12:43:16 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.01.14 12:43:16 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.01.12 21:50:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative Labs
[2012.01.11 20:56:17 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.11 20:56:16 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.11 20:56:16 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.11 20:56:15 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.11 20:56:14 | 000,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.01.11 20:56:14 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.01.11 20:56:12 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.11 20:56:11 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.11 20:56:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.01.11 16:54:16 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.01.11 16:54:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.01.11 16:42:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.01.11 16:42:21 | 000,637,848 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012.01.11 16:42:21 | 000,223,112 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.01.11 16:42:21 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.01.11 16:42:21 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.01.11 12:34:47 | 000,000,000 | -HSD | C] -- C:\found.000
[2012.01.11 01:42:50 | 000,000,000 | ---D | C] -- C:\Users\Mark\Desktop\Sonstiges
[2012.01.11 01:31:36 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.01.09 16:04:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2012.01.09 16:04:06 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2012.01.09 16:03:52 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2012.01.09 16:03:52 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2012.01.09 16:03:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2012.01.09 16:03:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2012.01.09 16:03:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012.01.09 16:03:05 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Real
[2011.12.25 19:24:19 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Skyrim
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.21 17:44:44 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2012.01.21 16:46:20 | 001,644,414 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.21 16:46:20 | 000,708,168 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.21 16:46:20 | 000,661,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.21 16:46:20 | 000,153,622 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.21 16:46:20 | 000,125,810 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.21 14:37:35 | 000,013,232 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.21 14:37:35 | 000,013,232 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.21 14:35:55 | 000,002,358 | ---- | M] () -- C:\Users\Mark\Desktop\Google Chrome.lnk
[2012.01.21 12:17:01 | 000,001,138 | ---- | M] () -- C:\Users\Mark\Desktop\Mozilla Firefox.lnk
[2012.01.21 12:14:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.21 12:14:37 | 3217,178,624 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.21 04:39:20 | 000,050,477 | ---- | M] () -- C:\Users\Mark\Desktop\Defogger.exe
[2012.01.21 04:38:40 | 015,134,848 | ---- | M] (Mozilla) -- C:\Users\Mark\Desktop\Firefox_Setup_9.0.1.exe
[2012.01.21 04:33:50 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mark\Desktop\OTL.exe
[2012.01.21 04:04:54 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\Mark\Desktop\HiJackThis.exe
[2012.01.18 19:31:32 | 000,077,282 | ---- | M] () -- C:\Users\Mark\Desktop\12_Vorbereitung_Klausur_EinführWipäd_WS11_12.pdf
[2012.01.15 20:54:49 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.01.11 19:19:46 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.01.11 18:15:45 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.11 16:42:04 | 000,637,848 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012.01.11 16:42:04 | 000,567,184 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.01.11 16:42:04 | 000,223,112 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.01.11 16:42:04 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.01.11 16:42:04 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.01.09 16:04:35 | 000,001,358 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012.01.09 16:04:06 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2012.01.09 16:03:52 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2012.01.09 16:03:52 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2012.01.08 18:48:08 | 001,622,308 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.02 21:36:58 | 002,014,308 | ---- | M] () -- C:\Users\Mark\Desktop\0_EinführungWipäd_WS11_12.pdf
[2011.12.28 23:50:05 | 000,000,446 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Mark.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.01.21 17:04:16 | 000,050,477 | ---- | C] () -- C:\Users\Mark\Desktop\Defogger.exe
[2012.01.21 14:33:29 | 000,002,358 | ---- | C] () -- C:\Users\Mark\Desktop\Google Chrome.lnk
[2012.01.21 12:17:01 | 000,001,138 | ---- | C] () -- C:\Users\Mark\Desktop\Mozilla Firefox.lnk
[2012.01.18 19:31:31 | 000,077,282 | ---- | C] () -- C:\Users\Mark\Desktop\12_Vorbereitung_Klausur_EinführWipäd_WS11_12.pdf
[2012.01.15 20:54:49 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.01.15 20:54:49 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.01.11 18:15:45 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.09 16:04:35 | 000,001,358 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012.01.02 21:36:56 | 002,014,308 | ---- | C] () -- C:\Users\Mark\Desktop\0_EinführungWipäd_WS11_12.pdf
[2011.11.04 01:06:36 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.11.04 01:06:36 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011.08.10 01:55:50 | 000,001,801 | ---- | C] () -- C:\Windows\XENcfg.ini
[2011.08.10 01:55:48 | 000,182,272 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.08.10 01:55:48 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.08.04 12:52:26 | 000,000,000 | ---- | C] () -- C:\Users\Mark\AppData\Local\{CF698085-65E6-4531-95B8-E936CDB73A9A}
[2011.06.13 01:04:32 | 000,000,092 | ---- | C] () -- C:\Users\Mark\AppData\Local\fusioncache.dat
[2011.05.25 00:09:57 | 001,622,308 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.20 21:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2010.11.15 00:36:43 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.11.15 00:36:42 | 002,373,712 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.08.03 14:28:00 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.04.09 19:26:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.04.02 12:34:05 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2010.04.01 07:11:21 | 000,005,104 | ---- | C] () -- C:\ProgramData\ojvzdisj.xda
[2009.08.19 06:15:08 | 000,000,388 | ---- | C] () -- C:\Windows\XENMCcfg.ini
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2011.03.24 20:28:38 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\.minecraft
[2011.03.21 03:56:41 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\.minecraft server
[2011.11.05 14:10:59 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\29FB9
[2011.11.08 18:56:17 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\34B99
[2011.11.07 01:19:59 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\9976C
[2011.05.05 16:09:41 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Canneverbe Limited
[2011.01.08 04:11:50 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\EBookSys
[2011.06.17 15:59:35 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\HLSW
[2012.01.21 17:44:16 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\ICQ
[2011.07.20 23:12:31 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Intermedia Software
[2011.07.24 13:19:52 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Leadertech
[2011.05.23 00:30:55 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\LolClient
[2010.07.27 10:24:52 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\OpenOffice.org
[2011.06.12 14:28:16 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\QIP
[2011.06.12 14:28:07 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\QipGuard
[2012.01.11 01:36:24 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\RayV
[2010.04.01 07:05:25 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Thunderbird
[2011.12.08 18:59:01 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\TS3Client
[2011.07.20 00:54:53 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\ts3overlay
[2011.07.04 17:55:26 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Unity
[2011.11.04 13:49:03 | 000,000,382 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011.12.04 15:31:02 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2010.04.01 05:45:05 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.06.27 13:46:25 | 000,000,000 | -HSD | M] -- C:\Boot
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.04.01 05:44:41 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.01.11 12:34:47 | 000,000,000 | -HSD | M] -- C:\found.000
[2010.08.24 01:06:09 | 000,000,000 | ---D | M] -- C:\Intel
[2012.01.11 01:31:56 | 000,000,000 | ---D | M] -- C:\Nexon
[2010.04.01 06:11:28 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.12.08 17:04:08 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.01.15 20:53:56 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.01.12 21:50:42 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.04.01 05:44:41 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.04.01 05:44:41 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.01.21 17:46:12 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.12.20 16:08:17 | 000,000,000 | ---D | M] -- C:\Temp
[2011.05.24 23:05:02 | 000,000,000 | R--D | M] -- C:\Users
[2011.11.06 02:55:55 | 000,000,000 | -H-D | M] -- C:\VritualRoot
[2012.01.11 19:23:48 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.manifest /3 >
 
 
< MD5 for: AFD.SYS  >
[2011.04.25 03:44:02 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=6EF20DDF3172E97D69F596FB90602F29 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_3430bc3977dfec2d\afd.sys
[2009.07.14 00:21:42 | 000,500,224 | ---- | M] (Microsoft Corporation) MD5=B9384E03479D2506BC924C16A3DB87BC -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_33dd3439781e25f7\afd.sys
[2010.11.20 10:23:34 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[2011.04.25 03:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\SysNative\drivers\afd.sys
[2011.04.25 03:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
[2011.04.25 04:09:35 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys
[2011.04.25 03:44:27 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=FBFF8B7C9D116229E9208A0D1CAEB49B -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_3483491e9126fe55\afd.sys
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: REGEDIT.EXE  >
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >
         

Code:
ATTFilter
OTL Extras logfile created on: 21.01.2012 17:45:25 - Run 6
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Mark\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,99 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 55,80% Memory free
7,99 Gb Paging File | 6,12 Gb Available in Paging File | 76,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 9,17 Gb Free Space | 18,79% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 44,33 Gb Free Space | 30,26% Space Free | Partition Type: NTFS
Drive E: | 166,02 Gb Total Space | 29,27 Gb Free Space | 17,63% Space Free | Partition Type: NTFS
Drive F: | 104,43 Gb Total Space | 37,64 Gb Free Space | 36,05% Space Free | Partition Type: NTFS
Drive H: | 3,91 Gb Total Space | 3,83 Gb Free Space | 98,00% Space Free | Partition Type: FAT32
 
Computer Name: MARK-PC | User Name: Mark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series" = Canon iP2700 series Printer Driver
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4EAB2511-0135-48CA-A47B-CE1E6836793A}" = COMODO Internet Security
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98C8DF59-BE5F-4EC2-9B12-FD2A54928EDB}" = Microsoft IntelliType Pro 8.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 275.33
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{045A9539-37B6-464D-94F9-E4ADFA856903}" = PokerStrategy.com Equilator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0ADF1B89-17EA-489C-86DF-6E33DA8520A6}_is1" = flatster
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217002FF}" = Java(TM) 7 Update 2
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65DF3688-6EF3-4C86-83DE-54AB46029F07}" = Hellgate
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{8624888C-A959-45A5-98F4-292E956325EA}" = LECTURNITY Player
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}" = LogMeIn Hamachi
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93CFCA51-4484-4211-89EB-39ED3CBDBEB1}" = Sound Blaster Tactic(3D) Sigma
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{B42A6552-1A83-4D79-9137-AB0C9036249A}" = Quake Live Mozilla Plugin
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1CBC6F7-D82D-4DC5-B81C-9A14F418593A}_is1" = WC3Banlist
"1180-6883-2514-0226-trickyplay-PROD" = Trickyplay
"COMODO GeekBuddy" = COMODO GeekBuddy
"Crazy Machines Gold Edition" = Crazy Machines Gold Edition 1.0 
"Diablo II" = Diablo II
"DivX Setup" = DivX-Setup
"DreamBoxEdit" = DreamBoxEdit -- The one and only settings editor for your Dreambox
"ESET Online Scanner" = ESET Online Scanner v3
"FLV Player" = FLV Player 2.0 (build 25)
"HLSW_is1" = HLSW v1.3.3.8c
"hon" = Heroes of Newerth
"InstallShield_{045A9539-37B6-464D-94F9-E4ADFA856903}" = PokerStrategy.com Equilator
"JDownloader" = JDownloader
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"Mozilla Thunderbird 9.0.1 (x86 de)" = Mozilla Thunderbird 9.0.1 (x86 de)
"NSS" = Norton Security Scan
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PartyPoker" = PartyPoker
"PokerStars" = PokerStars
"PostgreSQL 8.4" = PostgreSQL 8.4
"r3dn3cK´s Settings Deluxe" = r3dn3cK´s Settings Deluxe v1.1 
"RealPlayer 15.0" = RealPlayer
"SopCast" = SopCast 3.2.9
"StarCraft II" = StarCraft II
"Steam App 10" = Counter-Strike
"Steam App 240" = Counter-Strike: Source
"Steam App 300" = Day of Defeat: Source
"Steam App 42910" = Magicka
"Steam App 440" = Team Fortress 2
"Steam App 570" = Dota 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"TmNationsForever_is1" = TmNationsForever
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP Infium" = QIP Infium 3.0.9044
"Winamp Detect" = Winamp Anwendungserkennung
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         

22.01.2012, 02:04   #2
Larusso
/// Selecta Jahrusso

Browsers no longer start, Google sends me to wrong pages

My name is Daniel and I will help you with your malware-related problems.

Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read through my instructions first. If anything is unclear, ask before you begin.
  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step requires the previous one.
  • If I do not receive a reply from you to this, or to any further reply, within 3 days, I will remove the topic from my subscriptions.
  • Only run scans that a helper has asked you to run, and do not install or uninstall any software unless asked to.
  • Post the log files directly in your thread and not as an attachment, unless you have been asked to. That makes the analysis harder for me.



Download Gmer from this page
(click the Download EXE button) and save the program to your desktop.
  • Disable all other scanners for viruses, spyware, etc.
  • All other programs should be closed.
  • Start gmer.exe (the program has a random file name).
    Vista and Win7 users: right-click and run as administrator.
  • If a window with the following warning opens:
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system ?
    Be sure to click "No".
  • On the right, remove the checkmark from:
    • IAT/EAT
    • All hard drives except the system drive (normally only C:\ is checked)
    • Show all (should be unchecked)
  • Start the scan with "Scan". Do not do anything on the computer while the scan is running.
  • When the scan is finished, click Save and save the log file as Gmer.txt on your desktop. "Ok" closes GMER.
Re-enable your antivirus program and other scanners before you go online!



In your next reply, please post
gmer.txt

22.01.2012, 19:58   #3
SaberR

Browsers no longer start, Google sends me to wrong pages

Thanks a lot already.

As of today, Firefox apparently works again. I don't know why, though. I haven't changed anything.

Something I had forgotten: a small window keeps popping up in the background:

"Meldung von Website

Stack overflow at line: xx (any number)"

Here is the log. I hope I did everything correctly: (when I started the program there was, for example, no checkmark at all next to IAT/EAT)

Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-01-22 13:35:31
Windows 6.1.7601 Service Pack 1 
Running: hzciyme6.exe


---- Services - GMER 1.0.15 ----

Service                                                                                                                                                                   .NET CLR Data
Service                                                                                                                                                                   .NET CLR Networking
Service                                                                                                                                                                   .NET CLR Networking 4.0.0.0
Service                                                                                                                                                                   .NET Data Provider for Oracle
Service                                                                                                                                                                   .NET Data Provider for SqlServer
Service                                                                                                                                                                   .NET Memory Cache 4.0
Service                                                                                                                                                                   .NETFramework
Service  system32\drivers\1394ohci.sys (1394 OpenHCI Driver/Microsoft Corporation)                                                                                        [MANUAL] 1394ohci
Service  system32\drivers\ACPI.sys (ACPI-Treiber für NT/Microsoft Corporation)                                                                                            [BOOT] ACPI
Service  system32\drivers\acpipmi.sys (ACPI Power Metering Driver/Microsoft Corporation)                                                                                  [MANUAL] AcpiPmi
Service  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Acrobat Update Service/Adobe Systems Incorporated)                                           [AUTO] AdobeARMservice
Service  system32\DRIVERS\adp94xx.sys (Adaptec Windows SAS/SATA Storport Driver/Adaptec, Inc.)                                                                            [MANUAL] adp94xx
Service  system32\DRIVERS\adpahci.sys (Adaptec Windows SATA Storport Driver/Adaptec, Inc.)                                                                                [MANUAL] adpahci
Service  system32\DRIVERS\adpu320.sys (Adaptec StorPort Ultra320 SCSI Driver (X64)/Adaptec, Inc.)                                                                         [MANUAL] adpu320
Service                                                                                                                                                                   adsi
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] AeLookupSvc
Service  system32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation)                                                                           [SYSTEM] AFD
Service  system32\drivers\agp440.sys (440 NT AGP-Filter/Microsoft Corporation)                                                                                            [MANUAL] agp440
Service  C:\Windows\System32\alg.exe (Gatewaydienst auf Anwendungsebene/Microsoft Corporation)                                                                            [MANUAL] ALG
Service  system32\drivers\aliide.sys (ALi mini IDE Driver/Acer Laboratories Inc.)                                                                                         [MANUAL] aliide
Service  system32\drivers\amdide.sys (AMD-IDE-Treiber/Microsoft Corporation)                                                                                              [MANUAL] amdide
Service  system32\DRIVERS\amdk8.sys (Processor Device Driver/Microsoft Corporation)                                                                                       [MANUAL] AmdK8
Service  system32\DRIVERS\amdppm.sys (Processor Device Driver/Microsoft Corporation)                                                                                      [MANUAL] AmdPPM
Service  system32\drivers\amdsata.sys (AHCI 1.2 Device Driver/Advanced Micro Devices)                                                                                     [MANUAL] amdsata
Service  system32\DRIVERS\amdsbs.sys (AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform/AMD Technologies Inc.)                                [MANUAL] amdsbs
Service  system32\drivers\amdxata.sys (Storage Filter Driver/Advanced Micro Devices)                                                                                      [BOOT] amdxata
Service  system32\drivers\appid.sys (AppID Driver/Microsoft Corporation)                                                                                                  [MANUAL] AppID
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] AppIDSvc
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] Appinfo
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] AppMgmt
Service  system32\DRIVERS\arc.sys (Adaptec RAID Storport Driver/Adaptec, Inc.)                                                                                            [MANUAL] arc
Service  system32\DRIVERS\arcsas.sys (Adaptec SAS RAID WS03 Driver/Adaptec, Inc.)                                                                                         [MANUAL] arcsas
Service                                                                                                                                                                   ASP.NET
Service                                                                                                                                                                   ASP.NET_1.1.4322
Service                                                                                                                                                                   ASP.NET_4.0.30319
Service  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe (Microsoft ASP.NET State Server/Microsoft Corporation)                                          [MANUAL] aspnet_state
Service  system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation)                                                                     [MANUAL] AsyncMac
Service  system32\drivers\atapi.sys (ATAPI IDE Miniport Driver/Microsoft Corporation)                                                                                     [BOOT] atapi
Service  system32\DRIVERS\atksgt.sys                                                                                                                                      [AUTO] atksgt
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] AudioEndpointBuilder
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] AudioSrv
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] AxInstSV
Service  system32\DRIVERS\bxvbda.sys (Broadcom NetXtreme II GigE VBD/Broadcom Corporation)                                                                                [MANUAL] b06bdrv
Service  system32\DRIVERS\b57nd60a.sys (Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver./Broadcom Corporation)                                                 [MANUAL] b57nd60a
Service   (Battery Class Driver/Microsoft Corporation)                                                                                                                    BattC
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] BDESVC
Service   (BEEP Driver/Microsoft Corporation)                                                                                                                             [SYSTEM] Beep
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] BFE
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] BITS
Service  system32\DRIVERS\blbdrive.sys (BLB Drive Driver/Microsoft Corporation)                                                                                           [SYSTEM] blbdrive
Service  system32\DRIVERS\bowser.sys (NT Lan Manager Datagram Receiver Driver/Microsoft Corporation)                                                                      [MANUAL] bowser
Service  system32\DRIVERS\BrFiltLo.sys (Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver/Brother Industries, Ltd.)                                               [MANUAL] BrFiltLo
Service  system32\DRIVERS\BrFiltUp.sys (Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver/Brother Industries, Ltd.)                                               [MANUAL] BrFiltUp
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] Browser
Service  System32\Drivers\Brserid.sys (Brother Schnittstellentreiber (WDM) (seriell)/Brother Industries Ltd.)                                                             [MANUAL] Brserid
Service  System32\Drivers\BrSerWdm.sys (Brother Serial driver (WDM version)/Brother Industries Ltd.)                                                                      [MANUAL] BrSerWdm
Service  System32\Drivers\BrUsbMdm.sys (Brother USB MDM Driver /Brother Industries Ltd.)                                                                                  [MANUAL] BrUsbMdm
Service  System32\Drivers\BrUsbSer.sys (Brother USB Serial Driver/Brother Industries Ltd.)                                                                                [MANUAL] BrUsbSer
Service  system32\DRIVERS\bthmodem.sys (Bluetooth Communications Driver/Microsoft Corporation)                                                                            [MANUAL] BTHMODEM
Service                                                                                                                                                                   BTHPORT
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] bthserv
Service  system32\DRIVERS\cdfs.sys (CD-ROM File System Driver/Microsoft Corporation)                                                                                      [DISABLED] cdfs
Service  system32\drivers\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation)                                                                                            [SYSTEM] cdrom
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] CertPropSvc
Service  system32\DRIVERS\circlass.sys (Consumer IR Class Driver for eHome/Microsoft Corporation)                                                                         [MANUAL] circlass
Service  System32\CLFS.sys (Common Log File System Driver/Microsoft Corporation)                                                                                          [BOOT] CLFS
Service  C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO livePCsupport Service/COMODO)                                                                        [AUTO] CLPSLS
Service  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation)                                             [DISABLED] clr_optimization_v2.0.50727_32
Service  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation)                                           [DISABLED] clr_optimization_v2.0.50727_64
Service  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation)                                             [AUTO] clr_optimization_v4.0.30319_32
Service  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation)                                           [AUTO] clr_optimization_v4.0.30319_64
Service  system32\DRIVERS\CmBatt.sys (Control Method Battery Driver/Microsoft Corporation)                                                                                [MANUAL] CmBatt
Service  C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)                                                                  [AUTO] cmdAgent
Service  System32\DRIVERS\cmderd.sys (COMODO Internet Security Eradication Driver/COMODO)                                                                                 [SYSTEM] cmderd
Service  System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO)                                                                                   [SYSTEM] cmdGuard
Service  System32\DRIVERS\cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)                                                                                      [SYSTEM] cmdHlp
Service  system32\drivers\cmdide.sys (CMD PCI IDE Bus Driver/CMD Technology, Inc.)                                                                                        [MANUAL] cmdide
Service  System32\Drivers\cng.sys (Kernel Cryptography, Next Generation/Microsoft Corporation)                                                                            [BOOT] CNG
Service  system32\DRIVERS\compbatt.sys (Composite Battery Driver/Microsoft Corporation)                                                                                   [BOOT] Compbatt
Service  system32\drivers\CompositeBus.sys (Multi-Transport Composite Bus Enumerator/Microsoft Corporation)                                                               [MANUAL] CompositeBus
Service  C:\Windows\system32\dllhost.exe (COM Surrogate/Microsoft Corporation)                                                                                            [MANUAL] COMSysApp
Service  system32\DRIVERS\crcdisk.sys (Disk Block Verification Filter Driver/Microsoft Corporation)                                                                       [DISABLED] crcdisk
Service  C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (System Level Service Utility/Creative Labs)                                   [MANUAL] Creative ALchemy AL6 Licensing Service
Service  C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (System Level Service Utility/Creative Labs)                                  [MANUAL] Creative Audio Engine Licensing Service
Service                                                                                                                                                                   crypt32
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] CryptSvc
Service  system32\drivers\csc.sys (Windows Client Side Caching Driver/Microsoft Corporation)                                                                              [SYSTEM] CSC
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] CscService
Service  C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Audio Service/Creative Technology Ltd)                                                       [AUTO] CTAudSvcService
Service                                                                                                                                                                   DCLocator
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] DcomLaunch
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] defragsvc
Service  System32\Drivers\dfsc.sys (DFS Namespace Client Driver/Microsoft Corporation)                                                                                    [SYSTEM] DfsC
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] Dhcp
Service  System32\drivers\discache.sys (System Indexer/Cache Driver/Microsoft Corporation)                                                                                [SYSTEM] discache
Service  system32\DRIVERS\disk.sys (PnP Disk Driver/Microsoft Corporation)                                                                                                [BOOT] Disk
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] Dnscache
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] dot3svc
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] DPS
Service  system32\drivers\drmkaud.sys (Microsoft Trusted Audio Drivers/Microsoft Corporation)                                                                             [MANUAL] drmkaud
Service  System32\drivers\dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation)                                                                                     [MANUAL] DXGKrnl
Service  C:\Windows\system32\drivers\EagleX64.sys                                                                                                                         [MANUAL] EagleX64
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] EapHost
Service  system32\DRIVERS\evbda.sys (Broadcom NetXtreme II 10 GigE VBD/Broadcom Corporation)                                                                              [MANUAL] ebdrv
Service  C:\Windows\System32\lsass.exe (Local Security Authority Process/Microsoft Corporation)                                                                           [MANUAL] EFS
Service  C:\Windows\ehome\ehRecvr.exe (Windows Media Center-Empfängerdienst/Microsoft Corporation)                                                                        [MANUAL] ehRecvr
Service  C:\Windows\ehome\ehsched.exe (Windows Media Center-Planerdienst/Microsoft Corporation)                                                                           [MANUAL] ehSched
Service  system32\DRIVERS\elxstor.sys (Storport Miniport Driver for LightPulse HBAs/Emulex)                                                                               [MANUAL] elxstor
Service  system32\drivers\errdev.sys (Error Device Driver/Microsoft Corporation)                                                                                          [MANUAL] ErrDev
Service                                                                                                                                                                   ESENT
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] eventlog
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] EventSystem
Service   (Microsoft Extended FAT File System/Microsoft Corporation)                                                                                                      [MANUAL] exfat
Service   (Fast FAT File System Driver/Microsoft Corporation)                                                                                                             [MANUAL] fastfat
Service  C:\Windows\system32\fxssvc.exe (Fax Service/Microsoft Corporation)                                                                                               [MANUAL] Fax
Service  system32\DRIVERS\fdc.sys (Floppy Disk Controller Driver/Microsoft Corporation)                                                                                   [MANUAL] fdc
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] fdPHost
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] FDResPub
Service  system32\drivers\fileinfo.sys (FileInfo Filter Driver/Microsoft Corporation)                                                                                     [BOOT] FileInfo
Service  system32\drivers\filetrace.sys (File Trace Filter Driver/Microsoft Corporation)                                                                                  [MANUAL] Filetrace
Service  system32\DRIVERS\flpydisk.sys (Floppy Driver/Microsoft Corporation)                                                                                              [MANUAL] flpydisk
Service  system32\drivers\fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)                                                                         [BOOT] FltMgr
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] FontCache
Service  C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (PresentationFontCache.exe/Microsoft Corporation)                                        [MANUAL] FontCache3.0.0.0
Service  System32\drivers\FsDepends.sys (File System Dependency Manager Mini Filter Driver/Microsoft Corporation)                                                         [MANUAL] FsDepends
Service   (File System Recognizer Driver/Microsoft Corporation)                                                                                                           [BOOT] Fs_Rec
Service  System32\DRIVERS\fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)                                                                            [BOOT] fvevol
Service  system32\DRIVERS\gagp30kx.sys (MS Generischer AGPv3.0 Filter für K8/9-Prozessorplattformen/Microsoft Corporation)                                                [MANUAL] gagp30kx
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] gpsvc
Service  system32\DRIVERS\hamachi.sys (Hamachi Virtual Network Interface Driver/LogMeIn, Inc.)                                                                            [MANUAL] hamachi
Service  C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Hamachi Client Tunneling Engine/LogMeIn Inc.)                                                              [AUTO] Hamachi2Svc
Service  system32\drivers\hcw85cir.sys (Hauppauge WinTV 885 Consumer IR Driver for eHome/Hauppauge Computer Works, Inc.)                                                  [MANUAL] hcw85cir
Service  system32\drivers\HdAudio.sys (High Definition Audio Function Driver/Microsoft Corporation)                                                                       [MANUAL] HdAudAddService
Service  system32\drivers\HDAudBus.sys (High Definition Audio Bus Driver/Microsoft Corporation)                                                                           [MANUAL] HDAudBus
Service  system32\DRIVERS\HidBatt.sys (Hid Battery Driver/Microsoft Corporation)                                                                                          [MANUAL] HidBatt
Service  system32\DRIVERS\hidbth.sys (Bluetooth-Miniporttreiber für HID-Geräte/Microsoft Corporation)                                                                     [MANUAL] HidBth
Service  system32\DRIVERS\hidir.sys (Infrared Miniport Driver for Input Devices/Microsoft Corporation)                                                                    [MANUAL] HidIr
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] hidserv
Service  system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation)                                                                        [MANUAL] HidUsb
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] hkmsvc
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] HomeGroupListener
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] HomeGroupProvider
Service  system32\drivers\HpSAMD.sys (Smart Array SAS/SATA Controller Media Driver/Hewlett-Packard Company)                                                               [MANUAL] HpSAMD
Service  system32\drivers\HTTP.sys (HTTP-Protokollstapel/Microsoft Corporation)                                                                                           [MANUAL] HTTP
Service  System32\drivers\hwpolicy.sys (Hardware Policy Driver/Microsoft Corporation)                                                                                     [BOOT] hwpolicy
Service  system32\drivers\i8042prt.sys (i8042-Anschlusstreiber/Microsoft Corporation)                                                                                     [MANUAL] i8042prt
Service  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (RAID Monitor/Intel Corporation)                                                          [AUTO] IAANTMON
Service  system32\DRIVERS\iaStor.sys (Intel Matrix Storage Manager driver - x64/Intel Corporation)                                                                        [BOOT] iaStor
Service  system32\drivers\iaStorV.sys (Intel Matrix Storage Manager driver - x64/Intel Corporation)                                                                       [MANUAL] iaStorV
Service  C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Windows CardSpace/Microsoft Corporation)                                [MANUAL] idsvc
Service  system32\DRIVERS\iirsp.sys (Intel/ICP Raid Storport Driver/Intel Corp./ICP vortex GmbH)                                                                          [MANUAL] iirsp
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] IKEEXT
Service                                                                                                                                                                   inetaccs
Service  system32\DRIVERS\inspect.sys (COMODO Internet Security Firewall Driver/COMODO)                                                                                   [SYSTEM] inspect
Service  system32\drivers\intelide.sys (Intel PCI IDE Driver/Microsoft Corporation)                                                                                       [MANUAL] intelide
Service  system32\DRIVERS\intelppm.sys (Processor Device Driver/Microsoft Corporation)                                                                                    [MANUAL] intelppm
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] IPBusEnum
Service  system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation)                                                                                           [MANUAL] IpFilterDriver
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] iphlpsvc
Service  system32\drivers\IPMIDrv.sys (WMI IPMI-TREIBER/Microsoft Corporation)                                                                                            [MANUAL] IPMIDRV
Service  System32\drivers\ipnat.sys (IP Network Address Translator/Microsoft Corporation)                                                                                 [MANUAL] IPNAT
Service  system32\drivers\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation)                                                                                     [MANUAL] IRENUM
Service  system32\drivers\isapnp.sys (PNP-ISA-Bustreiber/Microsoft Corporation)                                                                                           [MANUAL] isapnp
Service  system32\drivers\msiscsi.sys (Microsoft iSCSI Initiator Driver/Microsoft Corporation)                                                                            [MANUAL] iScsiPrt
Service  system32\DRIVERS\kbdclass.sys (Tastaturklassentreiber/Microsoft Corporation)                                                                                     [MANUAL] kbdclass
Service  system32\DRIVERS\kbdhid.sys (HID-Tastaturfiltertreiber/Microsoft Corporation)                                                                                    [MANUAL] kbdhid
Service  C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation)                                                                           [MANUAL] KeyIso
Service  System32\Drivers\ksecdd.sys (Kernel Security Support Provider Interface/Microsoft Corporation)                                                                   [BOOT] KSecDD
Service  System32\Drivers\ksecpkg.sys (Kernel Security Support Provider Interface Packages/Microsoft Corporation)                                                         [BOOT] KSecPkg
Service  system32\drivers\ksthunk.sys (Kernel Streaming WOW Thunk Service/Microsoft Corporation)                                                                          [MANUAL] ksthunk
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] KtmRm
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] LanmanServer
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] LanmanWorkstation
Service                                                                                                                                                                   ldap
Service  system32\DRIVERS\lirsgt.sys                                                                                                                                      [AUTO] lirsgt
Service  system32\DRIVERS\lltdio.sys (Link-Layer Topology Mapper I/O Driver/Microsoft Corporation)                                                                        [AUTO] lltdio
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] lltdsvc
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] lmhosts
Service                                                                                                                                                                   Lsa
Service  system32\DRIVERS\lsi_fc.sys (LSI Fusion-MPT FC Driver (StorPort)/LSI Corporation)                                                                                [MANUAL] LSI_FC
Service  system32\DRIVERS\lsi_sas.sys (LSI Fusion-MPT SAS Driver (StorPort)/LSI Corporation)                                                                              [MANUAL] LSI_SAS
Service  system32\DRIVERS\lsi_sas2.sys (LSI SAS Gen2 Driver (StorPort)/LSI Corporation)                                                                                   [MANUAL] LSI_SAS2
Service  system32\DRIVERS\lsi_scsi.sys (LSI Fusion-MPT SCSI Driver (StorPort)/LSI Corporation)                                                                            [MANUAL] LSI_SCSI
Service  system32\drivers\luafv.sys (LUA-Filtertreiber zur Dateivirtualisierung/Microsoft Corporation)                                                                    [AUTO] luafv
Service  C:\Windows\system32\drivers\mbam.sys (Malwarebytes' Anti-Malware/Malwarebytes Corporation)                                                                       [MANUAL] MBAMProtector
Service  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe ( Malwarebytes Anti-Malware /Malwarebytes Corporation)                                           [AUTO] MBAMService
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [DISABLED] Mcx2Svc
Service  system32\DRIVERS\megasas.sys (MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64/LSI Corporation)                                               [MANUAL] megasas
Service  system32\DRIVERS\MegaSR.sys (LSI MegaRAID Software RAID Driver/LSI Corporation, Inc.)                                                                            [MANUAL] MegaSR
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] MMCSS
Service  system32\drivers\modem.sys (Modemgerätetreiber/Microsoft Corporation)                                                                                            [MANUAL] Modem
Service  system32\DRIVERS\monitor.sys (Monitor Driver/Microsoft Corporation)                                                                                              [MANUAL] monitor
Service  system32\drivers\mouclass.sys (Mausklassentreiber/Microsoft Corporation)                                                                                         [MANUAL] mouclass
Service  system32\DRIVERS\mouhid.sys (HID-Mausfiltertreiber/Microsoft Corporation)                                                                                        [MANUAL] mouhid
Service  System32\drivers\mountmgr.sys (Bereitstellungspunkt-Manager/Microsoft Corporation)                                                                               [BOOT] mountmgr
Service  system32\drivers\mpio.sys (Multipfad-Supportbustreiber/Microsoft Corporation)                                                                                    [MANUAL] mpio
Service  System32\drivers\mpsdrv.sys (Microsoft Protection Service Driver/Microsoft Corporation)                                                                          [MANUAL] mpsdrv
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] MpsSvc
Service  system32\drivers\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation)                                                                                    [MANUAL] MRxDAV
Service  system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)                                                                                       [MANUAL] mrxsmb
Service  system32\DRIVERS\mrxsmb10.sys (Longhorn SMB Downlevel SubRdr/Microsoft Corporation)                                                                              [MANUAL] mrxsmb10
Service  system32\DRIVERS\mrxsmb20.sys (Longhorn SMB 2.0 Redirector/Microsoft Corporation)                                                                                [MANUAL] mrxsmb20
Service  system32\drivers\msahci.sys (MS AHCI 1.0 Standard Driver/Microsoft Corporation)                                                                                  [BOOT] msahci
Service  system32\drivers\msdsm.sys (Gerätespezifisches Modul von Microsoft/Microsoft Corporation)                                                                        [MANUAL] msdsm
Service  C:\Windows\System32\msdtc.exe (Microsoft Distributed Transaction Coordinator-Dienst/Microsoft Corporation)                                                       [MANUAL] MSDTC
Service                                                                                                                                                                   MSDTC Bridge 3.0.0.0
Service                                                                                                                                                                   MSDTC Bridge 4.0.0.0
Service   (Mailslot driver/Microsoft Corporation)                                                                                                                         [SYSTEM] Msfs
Service  System32\drivers\mshidkmdf.sys (Pass-through HID to KMDF Filter Driver/Microsoft Corporation)                                                                    [MANUAL] mshidkmdf
Service  system32\drivers\msisadrv.sys (ISA Driver/Microsoft Corporation)                                                                                                 [BOOT] msisadrv
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] MSiSCSI
Service  C:\Windows\system32\msiexec.exe (Windows® Installer/Microsoft Corporation)                                                                                       [MANUAL] msiserver
Service  system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation)                                                                                                [MANUAL] MSKSSRV
Service  system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation)                                                                                             [MANUAL] MSPCLOCK
Service  system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation)                                                                                      [MANUAL] MSPQM
Service   (Kernel Remote Procedure Call Provider/Microsoft Corporation)                                                                                                   [MANUAL] MsRPC
Service                                                                                                                                                                   MSSCNTRS
Service  system32\drivers\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation)                                                                              [SYSTEM] mssmbios
Service  system32\drivers\MSTEE.sys (WDM Tee/Communication Transform Filter /Microsoft Corporation)                                                                       [MANUAL] MSTEE
Service  system32\DRIVERS\MTConfig.sys (HID-Treiber für Mehrfingereingabe von Microsoft/Microsoft Corporation)                                                            [MANUAL] MTConfig
Service  System32\Drivers\mup.sys (Multiple UNC Provider Driver/Microsoft Corporation)                                                                                    [BOOT] Mup
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] napagent
Service  system32\DRIVERS\nwifi.sys (Systemeigener WiFi-Miniporttreiber/Microsoft Corporation)                                                                            [MANUAL] NativeWifiP
Service  system32\drivers\ndis.sys (NDIS 6.20-Treiber/Microsoft Corporation)                                                                                              [BOOT] NDIS
Service  system32\DRIVERS\ndiscap.sys (NDIS Packet Capture Filter Driver/Microsoft Corporation)                                                                           [MANUAL] NdisCap
Service  system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation)                                                                         [MANUAL] NdisTapi
Service  system32\DRIVERS\ndisuio.sys (E/A-Treiber für NDIS-Benutzermodus/Microsoft Corporation)                                                                          [MANUAL] Ndisuio
Service  system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation)                                                                   [MANUAL] NdisWan
Service   (NDIS Proxy/Microsoft Corporation)                                                                                                                              [MANUAL] NDProxy
Service  system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation)                                                                                    [SYSTEM] NetBIOS
Service  System32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation)                                                                                          [SYSTEM] NetBT
Service  C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation)                                                                           [MANUAL] Netlogon
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] Netman
Service  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation)                                                              [DISABLED] NetMsmqActivator
Service  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation)                                                              [DISABLED] NetPipeActivator
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] netprofm
Service  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation)                                                              [DISABLED] NetTcpActivator
Service  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation)                                                              [DISABLED] NetTcpPortSharing
Service  system32\DRIVERS\netw5v64.sys (Intel® Wireless WiFi Link Driver/Intel Corporation)                                                                               [MANUAL] netw5v64
Service  system32\DRIVERS\nfrd960.sys (IBM ServeRAID Controller Driver/IBM Corporation)                                                                                   [MANUAL] nfrd960
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] NlaSvc
Service                                                                                                                                                                   NMSAccess
Service                                                                                                                                                                   NMSAccessU
Service   (NPFS Driver/Microsoft Corporation)                                                                                                                             [SYSTEM] Npfs
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] nsi
Service  system32\drivers\nsiproxy.sys (NSI Proxy/Microsoft Corporation)                                                                                                  [SYSTEM] nsiproxy
Service                                                                                                                                                                   NTDS
Service   (NT-Dateisystemtreiber/Microsoft Corporation)                                                                                                                   [MANUAL] Ntfs
Service   (NULL Driver/Microsoft Corporation)                                                                                                                             [SYSTEM] Null
Service  system32\DRIVERS\nvlddmkm.sys (NVIDIA Windows Kernel Mode Driver, Version 275.33 /NVIDIA Corporation)                                                            [MANUAL] nvlddmkm
Service  system32\drivers\nvraid.sys (NVIDIA® nForce(TM) RAID Driver/NVIDIA Corporation)                                                                                  [MANUAL] nvraid
Service  system32\drivers\nvstor.sys (NVIDIA® nForce(TM) Sata Performance Driver/NVIDIA Corporation)                                                                      [MANUAL] nvstor
Service  C:\Windows\system32\nvvsvc.exe (NVIDIA Driver Helper Service, Version 275.33/NVIDIA Corporation)                                                                 [AUTO] nvsvc
Service  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Settings Update Manager/NVIDIA Corporation)                                         [AUTO] nvUpdatusService
Service  system32\drivers\nv_agp.sys (NForce NT AGP-Filter/Microsoft Corporation)                                                                                         [MANUAL] nv_agp
Service  system32\drivers\ohci1394.sys (1394 OpenHCI Port Driver/Microsoft Corporation)                                                                                   [MANUAL] ohci1394
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] p2pimsvc
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] p2psvc
Service  system32\DRIVERS\parport.sys (Treiber für parallelen Anschluss/Microsoft Corporation)                                                                            [MANUAL] Parport
Service  System32\drivers\partmgr.sys (Partition Management Driver/Microsoft Corporation)                                                                                 [BOOT] partmgr
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] PcaSvc
Service  system32\drivers\pci.sys (NT-Plug & Play PCI-Enumerator/Microsoft Corporation)                                                                                   [BOOT] pci
Service  system32\drivers\pciide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation)                                                                                   [MANUAL] pciide
Service  system32\DRIVERS\pcmcia.sys (PCMCIA-Treiber/Microsoft Corporation)                                                                                               [MANUAL] pcmcia
Service  System32\drivers\pcw.sys (Performance Counters for Windows Driver/Microsoft Corporation)                                                                         [BOOT] pcw
Service  system32\drivers\peauth.sys (Protected Environment Authentication and Authorization Export Driver/Microsoft Corporation)                                         [AUTO] PEAUTH
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] PeerDistSvc
Service                                                                                                                                                                   PerfDisk
Service  C:\Windows\SysWow64\perfhost.exe (x86-Leistungsindikatorhost/Microsoft Corporation)                                                                              [MANUAL] PerfHost
Service                                                                                                                                                                   PerfNet
Service                                                                                                                                                                   PerfOS
Service                                                                                                                                                                   PerfProc
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] pla
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] PlugPlay
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] PNRPAutoReg
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] PNRPsvc
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] PolicyAgent
Service                                                                                                                                                                   PortProxy
Service  F:\poker\PostgreSQL\8.4\bin\pg_ctl.exe (pg_ctl - starts/stops/restarts the PostgreSQL server/PostgreSQL Global Development Group)                                [AUTO] postgresql-8.4
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] Power
Service  system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation)                                                                             [MANUAL] PptpMiniport
Service  system32\DRIVERS\processr.sys (Processor Device Driver/Microsoft Corporation)                                                                                    [MANUAL] Processor
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] ProfSvc
Service  C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation)                                                                           [MANUAL] ProtectedStorage
Service  system32\DRIVERS\pacer.sys (QoS-Paketplaner/Microsoft Corporation)                                                                                               [SYSTEM] Psched
Service  system32\DRIVERS\ql2300.sys (QLogic Fibre Channel Stor Miniport Driver/QLogic Corporation)                                                                       [MANUAL] ql2300
Service  system32\DRIVERS\ql40xx.sys (QLogic iSCSI Storport Miniport Driver/QLogic Corporation)                                                                           [MANUAL] ql40xx
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] QWAVE
Service  system32\drivers\qwavedrv.sys (Supporttreiber für verbessertes Microsoft-Audio/Video-Streaming (qWave)/Microsoft Corporation)                                    [MANUAL] QWAVEdrv
Service  System32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation)                                                                              [MANUAL] RasAcd
Service  system32\DRIVERS\AgileVpn.sys (RAS Agile Vpn Miniport Call Manager/Microsoft Corporation)                                                                        [MANUAL] RasAgileVpn
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] RasAuto
Service  system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation)                                                                      [MANUAL] Rasl2tp
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] RasMan
Service  system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation)                                                                    [MANUAL] RasPppoe
Service  system32\DRIVERS\rassstp.sys (RAS SSTP Miniport Call Manager/Microsoft Corporation)                                                                              [MANUAL] RasSstp
Service  system32\DRIVERS\rdbss.sys (Subsystemtreiber für Pufferung des umgeleiteten Laufwerks/Microsoft Corporation)                                                     [SYSTEM] rdbss
Service  system32\DRIVERS\rdpbus.sys (Microsoft RDP Bus Device driver/Microsoft Corporation)                                                                              [MANUAL] rdpbus
Service  System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation)                                                                                                 [SYSTEM] RDPCDD
Service                                                                                                                                                                   RDPDD
Service  System32\drivers\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation)                                                                               [MANUAL] RDPDR
Service  system32\drivers\rdpencdd.sys (RDP Encoder Miniport/Microsoft Corporation)                                                                                       [SYSTEM] RDPENCDD
Service                                                                                                                                                                   RDPNP
Service  system32\drivers\rdprefmp.sys (RDP Reflector Driver Miniport/Microsoft Corporation)                                                                              [SYSTEM] RDPREFMP
Service   (RDP-Terminalstapeltreiber/Microsoft Corporation)                                                                                                               [MANUAL] RDPWD
Service  System32\drivers\rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)                                                                                          [BOOT] rdyboost
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [DISABLED] RemoteAccess
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] RemoteRegistry
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] RpcEptMapper
Service  C:\Windows\system32\locator.exe (Rpc Locator/Microsoft Corporation)                                                                                              [MANUAL] RpcLocator
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] RpcSs
Service  system32\DRIVERS\rspndr.sys (Link-Layer Topology Responder Driver for NDIS 6/Microsoft Corporation)                                                              [AUTO] rspndr
Service  system32\DRIVERS\Rt64win7.sys (Realtek 8101E/8168/8169 NDIS 6.20 64-bit Driver                /Realtek Corporation                                            )  [MANUAL] RTL8167
Service  system32\drivers\vms3cap.sys (Microsoft S3 Emulated Device Cap Driver/Microsoft Corporation)                                                                     [MANUAL] s3cap
Service  C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation)                                                                           [AUTO] SamSs
Service  system32\drivers\sbp2port.sys (SBP-2 Protocol Driver/Microsoft Corporation)                                                                                      [MANUAL] sbp2port
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] SCardSvr
Service  System32\DRIVERS\scfilter.sys (Filtertreiber für Smartcard-Leser von Microsoft/Microsoft Corporation)                                                            [MANUAL] scfilter
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] Schedule
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] SCPolicySvc
Service  system32\drivers\sdbus.sys (SecureDigital Bus Driver/Microsoft Corporation)                                                                                      [MANUAL] sdbus
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] SDRSVC
Service   (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)                                          [AUTO] secdrv
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] seclogon
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] SENS
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] SensrSvc
Service  system32\DRIVERS\serenum.sys (Serial Port Enumerator/Microsoft Corporation)                                                                                      [MANUAL] Serenum
Service  system32\DRIVERS\serial.sys (Serieller Gerätetreiber/Microsoft Corporation)                                                                                      [MANUAL] Serial
Service  system32\DRIVERS\sermouse.sys (Serieller Mausfiltertreiber/Microsoft Corporation)                                                                                [MANUAL] sermouse
Service                                                                                                                                                                   ServiceModelEndpoint 3.0.0.0
Service                                                                                                                                                                   ServiceModelOperation 3.0.0.0
Service                                                                                                                                                                   ServiceModelService 3.0.0.0
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] SessionEnv
Service  system32\DRIVERS\sffdisk.sys (Small Form Factor Disk Driver/Microsoft Corporation)                                                                               [MANUAL] sffdisk
Service  system32\drivers\sffp_mmc.sys (Small Form Factor MMC Protocol Driver/Microsoft Corporation)                                                                      [MANUAL] sffp_mmc
Service  system32\DRIVERS\sffp_sd.sys (Small Form Factor SD Protocol Driver/Microsoft Corporation)                                                                        [MANUAL] sffp_sd
Service  system32\DRIVERS\sfloppy.sys (SCSI Floppy Driver/Microsoft Corporation)                                                                                          [MANUAL] sfloppy
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [DISABLED] SharedAccess
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] ShellHWDetection
Service  system32\DRIVERS\SiSRaid2.sys (SiS RAID Stor Miniport Driver/Silicon Integrated Systems Corp.)                                                                   [MANUAL] SiSRaid2
Service  system32\DRIVERS\sisraid4.sys (SiS AHCI Stor-Miniport Driver/Silicon Integrated Systems)                                                                         [MANUAL] SiSRaid4
Service  system32\DRIVERS\smb.sys (SMB Transport driver/Microsoft Corporation)                                                                                            [MANUAL] Smb
Service  system32\DRIVERS\SmSerl64.sys (Motorola SM56 Modem WDM Driver/Motorola Inc.)                                                                                     [MANUAL] smserial
Service                                                                                                                                                                   SMSvcHost 3.0.0.0
Service                                                                                                                                                                   SMSvcHost 4.0.0.0
Service  C:\Windows\System32\snmptrap.exe (SNMP-Trap/Microsoft Corporation)                                                                                               [MANUAL] SNMPTRAP
Service   (loader for security processor/Microsoft Corporation)                                                                                                           [BOOT] spldr
Service  C:\Windows\System32\spoolsv.exe (Spoolersubsystem-Anwendung/Microsoft Corporation)                                                                               [AUTO] Spooler
Service  C:\Windows\system32\sppsvc.exe (Softwareschutzplattform-Dienst von Microsoft/Microsoft Corporation)                                                              [AUTO] sppsvc
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] sppuinotify
Service  System32\DRIVERS\srv.sys (Server driver/Microsoft Corporation)                                                                                                   [MANUAL] srv
Service  System32\DRIVERS\srv2.sys (Smb 2.0 Server driver/Microsoft Corporation)                                                                                          [MANUAL] srv2
Service  System32\DRIVERS\srvnet.sys (Server Network driver/Microsoft Corporation)                                                                                        [MANUAL] srvnet
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] SSDPSRV
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] SstpSvc
Service  C:\Program                                                                                                                                                       [MANUAL] Steam Client Service
Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Stereo Vision Control Panel API Server/NVIDIA Corporation)                                  [AUTO] Stereo Service
Service  system32\DRIVERS\stexstor.sys (Promise  SuperTrak EX Series Driver for Windows /Promise Technology)                                                              [MANUAL] stexstor
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] stisvc
Service  system32\drivers\vmstorfl.sys (Virtual Storage Filter Driver/Microsoft Corporation)                                                                              [BOOT] storflt
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] StorSvc
Service  system32\drivers\storvsc.sys (Storage VSC Driver/Microsoft Corporation)                                                                                          [MANUAL] storvsc
Service  system32\drivers\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation)                                                                     [MANUAL] swenum
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] swprv
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] SysMain
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] TabletInputService
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] TapiSrv
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] TBS
Service  System32\drivers\tcpip.sys (TCP/IP-Treiber/Microsoft Corporation)                                                                                                [BOOT] Tcpip
Service  system32\DRIVERS\tcpip.sys (TCP/IP-Treiber/Microsoft Corporation)                                                                                                [MANUAL] TCPIP6
Service                                                                                                                                                                   TCPIP6TUNNEL
Service  System32\drivers\tcpipreg.sys (TCP/IP Registry Compatibility Driver/Microsoft Corporation)                                                                       [AUTO] tcpipreg
Service                                                                                                                                                                   TCPIPTUNNEL
Service  system32\drivers\tdpipe.sys (Named Pipe Transport Driver/Microsoft Corporation)                                                                                  [MANUAL] TDPIPE
Service  system32\drivers\tdtcp.sys (TCP Transport Driver/Microsoft Corporation)                                                                                          [MANUAL] TDTCP
Service  system32\DRIVERS\tdx.sys (TDI Translation Driver/Microsoft Corporation)                                                                                          [SYSTEM] tdx
Service  system32\drivers\termdd.sys (Remote Desktop Server Driver/Microsoft Corporation)                                                                                 [SYSTEM] TermDD
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] TermService
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] Themes
Service  C:\Windows\system32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [MANUAL] THREADORDER
Service  C:\Windows\System32\svchost.exe (Hostprozess für Windows-Dienste/Microsoft Corporation)                                                                          [AUTO] TrkWks
Service  C:\Windows\servicing\TrustedInstaller.exe (Windows Modules Installer/Microsoft Corporation)                                                                      [MANUAL] TrustedInstaller
Service                                                                                                                                                                   TSDDD
Service  System32\DRIVERS\tssecsrv.sys (TS Security Filter Driver/Microsoft Corporation)                                                                                  [MANUAL] tssecsrv
Service  system32\drivers\tsusbflt.sys (USB-Hub-Filtertreiber für Remotedesktop/Microsoft Corporation)                                                                    [MANUAL] TsUsbFlt
Service  system32\DRIVERS\tunnel.sys (Microsoft-Tunnelschnittstellentreiber/Microsoft Corporation)                                                                        [MANUAL] tunnel
Service  system32\DRIVERS\uagp35.sys (MS AGPv3.5-Filter/Microsoft Corporation)                                                                                            [MANUAL] uagp35
Service  system32\DRIVERS\udfs.sys (UDF File System Driver/Microsoft Corporation)                                                                                         [DISABLED] udfs
Service                                                                                                                                                                   UGatherer
Service                                                                                                                                                                   UGTHRSVC
Service  C:\Windows\system32\UI0Detect.exe (Erkennung interaktiver Dienste/Microsoft Corporation)                                                                         [MANUAL] UI0Detect

22.01.2012, 19:59   #4
SaberR
 
I had to split the log file because it had too many characters. Here is the second part:

Code:
ATTFilter

---- Files - GMER 1.0.15 ----

File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\F677C51C-2CCF-4C4F-9747-F09462A39D13.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\F700E1D6-566A-4446-BA63-C89EC800C00B.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\F700E1D6-566A-4446-BA63-C89EC800C00B.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\F90F9F23-2938-455C-81C1-A80C44EF5543.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\5752EF81-F471-434A-ADA6-3AA0C95C7FB6.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\5752EF81-F471-434A-ADA6-3AA0C95C7FB6.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\57CA1004-407C-4439-BC0F-E627F45D71F0.data                                                            3649536 bytes executable
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\57CA1004-407C-4439-BC0F-E627F45D71F0.data.info                                                       148 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\580C3B91-9F9E-48BC-96F6-932C7687A143.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\580C3B91-9F9E-48BC-96F6-932C7687A143.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\591093A5-1C56-41DB-9F2D-E34D28851540.data                                                            3649536 bytes executable
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\591093A5-1C56-41DB-9F2D-E34D28851540.data.info                                                       148 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\5A7DF90C-ABC9-4A28-95FE-4A19B3FA71EA.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\5A7DF90C-ABC9-4A28-95FE-4A19B3FA71EA.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\5B11F030-BFD4-4DCA-9725-BE75684D6B10.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\6A502B27-54D4-4028-8203-06B241ADF56E.data                                                            353792 bytes executable
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\6A502B27-54D4-4028-8203-06B241ADF56E.data.info                                                       152 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\6C7B6E07-8C29-49F5-94CE-55647DD9FFDE.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\6C7B6E07-8C29-49F5-94CE-55647DD9FFDE.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\6CD556F0-D75B-4694-A7EC-154E62C72BD0.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\6CD556F0-D75B-4694-A7EC-154E62C72BD0.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\75DC9D76-4718-4556-9BF2-AAE454C2B86D.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\75DC9D76-4718-4556-9BF2-AAE454C2B86D.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\7A941D81-9AD6-4665-82D1-26CB3AF30484.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\7A941D81-9AD6-4665-82D1-26CB3AF30484.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\7B480A7F-145D-49FF-A617-D001F6AC4829.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\7B480A7F-145D-49FF-A617-D001F6AC4829.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\8DA1D4FD-7C51-4D51-AFF9-7A6C84937A1F.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\8DA1D4FD-7C51-4D51-AFF9-7A6C84937A1F.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\92C3AFAF-D96B-4C94-A59E-10AF09B9F144.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\92C3AFAF-D96B-4C94-A59E-10AF09B9F144.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\93D076EB-E0BD-4768-A608-848CC4529263.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\93D076EB-E0BD-4768-A608-848CC4529263.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\94BE41EA-E5BB-472C-97FE-D21B94DA206F.data                                                            6021 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\94BE41EA-E5BB-472C-97FE-D21B94DA206F.data.info                                                       214 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\994AD976-364E-4ABB-A2FC-8DF477A47D03.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\994AD976-364E-4ABB-A2FC-8DF477A47D03.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\9C39C9BB-9DD3-4660-AB26-C7463DF2B727.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\9C39C9BB-9DD3-4660-AB26-C7463DF2B727.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\C22A59B7-F722-447C-B75E-85E1B9D6F6B2.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\C9547B4D-54E0-4621-ADFB-38A8116457FB.data                                                            3649536 bytes executable
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\C9547B4D-54E0-4621-ADFB-38A8116457FB.data.info                                                       148 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\CC3F8A0C-0A73-4817-944E-801BBD395366.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\CC3F8A0C-0A73-4817-944E-801BBD395366.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\CFA2F874-1692-46EA-8693-51BA0B0DCE0A.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\CFA2F874-1692-46EA-8693-51BA0B0DCE0A.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\CFC5F48E-18E9-41C2-8F7C-751C1B039575.data                                                            5774 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\CFC5F48E-18E9-41C2-8F7C-751C1B039575.data.info                                                       212 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\D1AC04F3-196C-4761-B93C-4ED57BD779AA.data                                                            5871 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\D1AC04F3-196C-4761-B93C-4ED57BD779AA.data.info                                                       214 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\D2694D0B-8486-43BB-84F8-D112C3C73458.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\D2694D0B-8486-43BB-84F8-D112C3C73458.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\114939E4-1181-4380-90CA-897B3BBB462D.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\114939E4-1181-4380-90CA-897B3BBB462D.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\176EFD05-05D0-4C94-8447-2A895742AB63.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\176EFD05-05D0-4C94-8447-2A895742AB63.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\1829056F-1454-44AF-86A0-74EB0D44F293.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\1829056F-1454-44AF-86A0-74EB0D44F293.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\1841B057-10D9-4813-9F4A-A75F86E0540A.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\1841B057-10D9-4813-9F4A-A75F86E0540A.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\1B0D74A1-AD1A-443D-82E9-ED1322CBE9D9.data                                                            284160 bytes executable
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\252C848E-7E14-4C29-9CDF-E75D2DEDAFAD.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\269B2047-CEE2-4317-B004-2E125DCAB453.data                                                            1638400 bytes executable
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\269B2047-CEE2-4317-B004-2E125DCAB453.data.info                                                       120 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\2783E220-79B2-41C7-9462-E6E610C03C4F.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\2783E220-79B2-41C7-9462-E6E610C03C4F.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\2970EBDF-FF37-4B17-80DA-069E01C0E56F.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\2970EBDF-FF37-4B17-80DA-069E01C0E56F.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\FAA86A89-C2E1-4562-8A6E-481175BFE55A.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\FAA86A89-C2E1-4562-8A6E-481175BFE55A.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\FB602674-2916-42AC-B867-CB88D6A71295.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\FB602674-2916-42AC-B867-CB88D6A71295.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\FD32CA83-9892-41A5-8DD6-D8C44F36EB53.data                                                            176640 bytes executable
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\FD32CA83-9892-41A5-8DD6-D8C44F36EB53.data.info                                                       156 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp                                                                                                 0 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\Temp\baseupd                                                                                         0 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\4696209E-B867-413D-9FDF-6A0859073DDD.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\4696209E-B867-413D-9FDF-6A0859073DDD.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\482BC54C-E29C-403E-A776-306F100A638C.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\482BC54C-E29C-403E-A776-306F100A638C.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\489FD33B-0B13-4DFF-B0CD-CC7EE36427BB.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\489FD33B-0B13-4DFF-B0CD-CC7EE36427BB.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\4AA515E2-CA21-4221-A783-29B8556C19DC.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\4AA515E2-CA21-4221-A783-29B8556C19DC.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\4B123B2C-5AF0-4F69-A2B2-CCB26FBF3787.data                                                            3649536 bytes executable
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\872E9558-643E-4E33-85F1-BDEF187C2B27.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\89D72A4A-8499-411C-B619-0B6AC2F8628D.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\89D72A4A-8499-411C-B619-0B6AC2F8628D.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\8AB2E0F0-EAC6-40D2-A4CD-4466DE7CDF1E.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\8AB2E0F0-EAC6-40D2-A4CD-4466DE7CDF1E.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\8C90D2BA-1883-46C4-8CDD-7A3E077A89BD.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\5F8A8452-F004-4D4A-90D6-95C9FC8C66C4.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\5F8A8452-F004-4D4A-90D6-95C9FC8C66C4.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\5F902E3F-807C-4B3F-B6B9-DE8B660A0BB3.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\5F902E3F-807C-4B3F-B6B9-DE8B660A0BB3.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\6004EED9-4BB3-45D4-B888-CA0FFFC70D47.data                                                            3649536 bytes executable
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\6004EED9-4BB3-45D4-B888-CA0FFFC70D47.data.info                                                       148 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\A15DE00D-99FF-469E-8A00-1807226AEC15.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\A1705957-8CA6-4BCD-A139-DEE22FD1E6A9.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\A1705957-8CA6-4BCD-A139-DEE22FD1E6A9.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\A334E229-25C2-427F-B90E-DD545F25A5D2.data                                                            5859 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\A334E229-25C2-427F-B90E-DD545F25A5D2.data.info                                                       208 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\A44EA30B-3C05-49AE-89FE-DC4BB622A5C2.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\A44EA30B-3C05-49AE-89FE-DC4BB622A5C2.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\A68FF165-875B-4FB2-A7A0-1E60E808A08C.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\A68FF165-875B-4FB2-A7A0-1E60E808A08C.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\D9F7B755-6FB4-470F-840F-C295729D10CF.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\D9F7B755-6FB4-470F-840F-C295729D10CF.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\DD2F68F8-821D-445D-8AE6-BDF7C50F654C.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\DD2F68F8-821D-445D-8AE6-BDF7C50F654C.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\E16E4933-FC3D-4DFB-BE76-5EABC6B04A5B.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\E16E4933-FC3D-4DFB-BE76-5EABC6B04A5B.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\E22F932A-8D27-488B-98C6-706B1D5B010F.data                                                            3649536 bytes executable
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\E22F932A-8D27-488B-98C6-706B1D5B010F.data.info                                                       148 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\B1C1BDDE-62F6-4CC3-B166-B13FD97F4795.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\B1C1BDDE-62F6-4CC3-B166-B13FD97F4795.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\B3715972-8AD5-4ED2-9DC7-D6E64765A99C.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\B3715972-8AD5-4ED2-9DC7-D6E64765A99C.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\B3786801-D541-4F8E-BEBE-DCBA5244A38B.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\B3786801-D541-4F8E-BEBE-DCBA5244A38B.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\B4591E9D-A55A-4714-A066-DFC8B0FF9423.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\B4591E9D-A55A-4714-A066-DFC8B0FF9423.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\B9B785D6-855B-4AA5-AE69-24754CF281FB.data                                                            7839 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\B9B785D6-855B-4AA5-AE69-24754CF281FB.data.info                                                       212 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\BA8469D2-C3EB-4CD6-B5E0-475321C6AAF3.data                                                            100352 bytes executable
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\388E38D2-1E6A-4FF4-A2A0-FE92C1A478F0.data                                                            1952 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\388E38D2-1E6A-4FF4-A2A0-FE92C1A478F0.data.info                                                       282 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\395514B8-8836-4B66-BC02-E23AEBBB8DF1.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\395514B8-8836-4B66-BC02-E23AEBBB8DF1.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\3D7EEF34-CE25-4094-BBF9-E1989970BFB3.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\3D7EEF34-CE25-4094-BBF9-E1989970BFB3.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\40B8CC32-8ADB-40CF-895C-8A2494F551C8.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\40B8CC32-8ADB-40CF-895C-8A2494F551C8.data.info                                                       286 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\44810E46-8D14-4340-BF3D-51584CDE2D9F.data                                                            1948 bytes
File     C:\Program Files\COMODO\COMODO Internet Security\Quarantine\44810E46-8D14-4340-BF3D-51584CDE2D9F.data.info                                                       286 bytes

---- EOF - GMER 1.0.15 ----
         

22.01.2012, 20:21   #5
Larusso
/// Selecta Jahrusso
 

Please read the following instructions carefully. We do not want to "fix" anything here yet, only to see a scan report.

Please download TDSSKiller.exe and save the file to your desktop.
  • Start TDSSKiller.exe
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and save the log file.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post its contents here in your thread.



Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe
    Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with No.
  • Click Scan
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save the log to your desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons without being instructed to

Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.



In your next reply, please post
TDSSKiller Log
aswMBR.txt

__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie

22.01.2012, 20:43   #6
SaberR
 



TDSS

Code:
21:37:27.0830 1208	TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
21:37:28.0029 1208	============================================================
21:37:28.0029 1208	Current date / time: 2012/01/22 21:37:28.0029
21:37:28.0029 1208	SystemInfo:
21:37:28.0029 1208	
21:37:28.0029 1208	OS Version: 6.1.7601 ServicePack: 1.0
21:37:28.0029 1208	Product type: Workstation
21:37:28.0030 1208	ComputerName: MARK-PC
21:37:28.0030 1208	UserName: Mark
21:37:28.0030 1208	Windows directory: C:\Windows
21:37:28.0030 1208	System windows directory: C:\Windows
21:37:28.0030 1208	Running under WOW64
21:37:28.0030 1208	Processor architecture: Intel x64
21:37:28.0030 1208	Number of processors: 2
21:37:28.0030 1208	Page size: 0x1000
21:37:28.0030 1208	Boot type: Normal boot
21:37:28.0030 1208	============================================================
21:37:28.0648 1208	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:37:28.0841 1208	Initialize success
21:37:37.0557 3120	============================================================
21:37:37.0557 3120	Scan started
21:37:37.0558 3120	Mode: Manual; 
21:37:37.0558 3120	============================================================
21:37:41.0850 3120	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:37:41.0853 3120	BrSerWdm - ok
21:37:41.0881 3120	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:37:41.0883 3120	BrUsbMdm - ok
21:37:41.0899 3120	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:37:41.0901 3120	BrUsbSer - ok
21:37:41.0937 3120	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
21:37:41.0939 3120	BTHMODEM - ok
21:37:41.0964 3120	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:37:41.0967 3120	cdfs - ok
21:37:42.0034 3120	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
21:37:42.0038 3120	cdrom - ok
21:37:42.0132 3120	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
21:37:42.0134 3120	circlass - ok
21:37:42.0176 3120	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:37:42.0183 3120	CLFS - ok
21:37:42.0331 3120	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
21:37:42.0333 3120	CmBatt - ok
21:37:42.0429 3120	cmderd          (fa26df95bfbeccbd44c961834789c549) C:\Windows\system32\DRIVERS\cmderd.sys
21:37:42.0434 3120	cmderd - ok
21:37:42.0689 3120	cmdGuard        (efd76d1c9a28b75ff05b23cb0e7f79cd) C:\Windows\system32\DRIVERS\cmdguard.sys
21:37:42.0711 3120	cmdGuard - ok
21:37:42.0769 3120	cmdHlp          (4b5b1688ab86ebced4bef8d337e9a722) C:\Windows\system32\DRIVERS\cmdhlp.sys
21:37:42.0773 3120	cmdHlp - ok
21:37:42.0814 3120	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:37:42.0816 3120	cmdide - ok
21:37:42.0875 3120	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
21:37:42.0884 3120	CNG - ok
21:37:42.0987 3120	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
21:37:42.0991 3120	Compbatt - ok
21:37:43.0028 3120	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:37:43.0030 3120	CompositeBus - ok
21:37:43.0066 3120	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
21:37:43.0068 3120	crcdisk - ok
21:37:43.0196 3120	CSC             (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
21:37:43.0214 3120	CSC - ok
21:37:43.0358 3120	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:37:43.0362 3120	DfsC - ok
21:37:43.0407 3120	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:37:43.0410 3120	discache - ok
21:37:43.0464 3120	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
21:37:43.0467 3120	Disk - ok
21:37:43.0596 3120	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:37:43.0598 3120	drmkaud - ok
21:37:43.0663 3120	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:37:43.0686 3120	DXGKrnl - ok
21:37:43.0784 3120	EagleX64 - ok
21:37:43.0932 3120	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
21:37:44.0025 3120	ebdrv - ok
21:37:44.0114 3120	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
21:37:44.0122 3120	elxstor - ok
21:37:44.0172 3120	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:37:44.0176 3120	ErrDev - ok
21:37:44.0261 3120	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:37:44.0265 3120	exfat - ok
21:37:44.0299 3120	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:37:44.0303 3120	fastfat - ok
21:37:44.0331 3120	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
21:37:44.0333 3120	fdc - ok
21:37:44.0368 3120	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:37:44.0375 3120	FileInfo - ok
21:37:44.0394 3120	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:37:44.0397 3120	Filetrace - ok
21:37:44.0410 3120	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
21:37:44.0413 3120	flpydisk - ok
21:37:44.0449 3120	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:37:44.0454 3120	FltMgr - ok
21:37:44.0482 3120	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:37:44.0486 3120	FsDepends - ok
21:37:44.0524 3120	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
21:37:44.0527 3120	Fs_Rec - ok
21:37:44.0609 3120	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:37:44.0615 3120	fvevol - ok
21:37:44.0681 3120	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:37:44.0684 3120	gagp30kx - ok
21:37:44.0747 3120	hamachi         (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
21:37:44.0749 3120	hamachi - ok
21:37:44.0834 3120	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:37:44.0838 3120	hcw85cir - ok
21:37:44.0903 3120	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:37:44.0911 3120	HdAudAddService - ok
21:37:44.0972 3120	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
21:37:44.0976 3120	HDAudBus - ok
21:37:45.0018 3120	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
21:37:45.0021 3120	HidBatt - ok
21:37:45.0050 3120	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
21:37:45.0054 3120	HidBth - ok
21:37:45.0074 3120	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
21:37:45.0078 3120	HidIr - ok
21:37:45.0129 3120	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
21:37:45.0131 3120	HidUsb - ok
21:37:45.0186 3120	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:37:45.0189 3120	HpSAMD - ok
21:37:45.0238 3120	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:37:45.0261 3120	HTTP - ok
21:37:45.0304 3120	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:37:45.0308 3120	hwpolicy - ok
21:37:45.0357 3120	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:37:45.0362 3120	i8042prt - ok
21:37:45.0454 3120	iaStor          (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
21:37:45.0457 3120	iaStor - ok
21:37:45.0508 3120	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:37:45.0516 3120	iaStorV - ok
21:37:45.0558 3120	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
21:37:45.0561 3120	iirsp - ok
21:37:45.0604 3120	inspect         (efff0afd27cc97bf0e5e0bab78419de7) C:\Windows\system32\DRIVERS\inspect.sys
21:37:45.0607 3120	inspect - ok
21:37:45.0652 3120	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:37:45.0655 3120	intelide - ok
21:37:45.0706 3120	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:37:45.0709 3120	intelppm - ok
21:37:45.0753 3120	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:37:45.0757 3120	IpFilterDriver - ok
21:37:45.0799 3120	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:37:45.0802 3120	IPMIDRV - ok
21:37:45.0832 3120	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:37:45.0836 3120	IPNAT - ok
21:37:45.0873 3120	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:37:45.0875 3120	IRENUM - ok
21:37:45.0913 3120	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:37:45.0915 3120	isapnp - ok
21:37:45.0947 3120	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:37:45.0953 3120	iScsiPrt - ok
21:37:45.0979 3120	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
21:37:45.0982 3120	kbdclass - ok
21:37:46.0021 3120	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
21:37:46.0024 3120	kbdhid - ok
21:37:46.0130 3120	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
21:37:46.0134 3120	KSecDD - ok
21:37:46.0166 3120	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
21:37:46.0170 3120	KSecPkg - ok
21:37:46.0245 3120	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:37:46.0248 3120	ksthunk - ok
21:37:46.0469 3120	lirsgt          (156ab2e56dc3ca0b582e3362e07cded7) C:\Windows\system32\DRIVERS\lirsgt.sys
21:37:46.0476 3120	lirsgt - ok
21:37:46.0550 3120	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:37:46.0553 3120	lltdio - ok
21:37:46.0633 3120	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:37:46.0636 3120	LSI_FC - ok
21:37:46.0668 3120	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:37:46.0672 3120	LSI_SAS - ok
21:37:46.0697 3120	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:37:46.0701 3120	LSI_SAS2 - ok
21:37:46.0727 3120	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:37:46.0731 3120	LSI_SCSI - ok
21:37:46.0769 3120	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:37:46.0772 3120	luafv - ok
21:37:46.0839 3120	MBAMProtector   (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
21:37:46.0842 3120	MBAMProtector - ok
21:37:46.0880 3120	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
21:37:46.0883 3120	megasas - ok
21:37:46.0906 3120	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
21:37:46.0911 3120	MegaSR - ok
21:37:46.0940 3120	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:37:46.0943 3120	Modem - ok
21:37:47.0039 3120	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:37:47.0041 3120	monitor - ok
21:37:47.0094 3120	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
21:37:47.0096 3120	mouclass - ok
21:37:47.0143 3120	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:37:47.0146 3120	mouhid - ok
21:37:47.0233 3120	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:37:47.0239 3120	mountmgr - ok
21:37:47.0273 3120	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:37:47.0277 3120	mpio - ok
21:37:47.0313 3120	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:37:47.0316 3120	mpsdrv - ok
21:37:47.0365 3120	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:37:47.0368 3120	MRxDAV - ok
21:37:47.0407 3120	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:37:47.0411 3120	mrxsmb - ok
21:37:47.0443 3120	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:37:47.0448 3120	mrxsmb10 - ok
21:37:47.0467 3120	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:37:47.0471 3120	mrxsmb20 - ok
21:37:47.0513 3120	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:37:47.0515 3120	msahci - ok
21:37:47.0557 3120	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:37:47.0561 3120	msdsm - ok
21:37:47.0608 3120	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:37:47.0610 3120	Msfs - ok
21:37:47.0693 3120	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:37:47.0695 3120	mshidkmdf - ok
21:37:47.0741 3120	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:37:47.0743 3120	msisadrv - ok
21:37:47.0843 3120	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:37:47.0846 3120	MSKSSRV - ok
21:37:47.0874 3120	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:37:47.0896 3120	MSPCLOCK - ok
21:37:47.0968 3120	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:37:47.0972 3120	MSPQM - ok
21:37:48.0018 3120	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:37:48.0025 3120	MsRPC - ok
21:37:48.0072 3120	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:37:48.0073 3120	mssmbios - ok
21:37:48.0162 3120	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:37:48.0165 3120	MSTEE - ok
21:37:48.0193 3120	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
21:37:48.0196 3120	MTConfig - ok
21:37:48.0215 3120	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:37:48.0219 3120	Mup - ok
21:37:48.0302 3120	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:37:48.0308 3120	NativeWifiP - ok
21:37:48.0398 3120	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:37:48.0421 3120	NDIS - ok
21:37:48.0484 3120	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:37:48.0487 3120	NdisCap - ok
21:37:48.0526 3120	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:37:48.0528 3120	NdisTapi - ok
21:37:48.0578 3120	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:37:48.0581 3120	Ndisuio - ok
21:37:48.0641 3120	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:37:48.0645 3120	NdisWan - ok
21:37:48.0699 3120	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:37:48.0705 3120	NDProxy - ok
21:37:48.0766 3120	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:37:48.0774 3120	NetBIOS - ok
21:37:48.0892 3120	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:37:48.0898 3120	NetBT - ok
21:37:49.0169 3120	netw5v64        (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
21:37:49.0296 3120	netw5v64 - ok
21:37:49.0355 3120	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:37:49.0358 3120	nfrd960 - ok
21:37:49.0422 3120	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:37:49.0425 3120	Npfs - ok
21:37:49.0446 3120	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:37:49.0449 3120	nsiproxy - ok
21:37:49.0522 3120	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:37:49.0556 3120	Ntfs - ok
21:37:49.0589 3120	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:37:49.0591 3120	Null - ok
21:37:50.0015 3120	nvlddmkm        (b34e9bfbd9c61048ef6281c3e7ec210a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:37:50.0261 3120	nvlddmkm - ok
21:37:50.0336 3120	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:37:50.0342 3120	nvraid - ok
21:37:50.0370 3120	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:37:50.0375 3120	nvstor - ok
21:37:50.0444 3120	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:37:50.0448 3120	nv_agp - ok
21:37:50.0487 3120	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:37:50.0491 3120	ohci1394 - ok
21:37:50.0548 3120	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:37:50.0552 3120	Parport - ok
21:37:50.0605 3120	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
21:37:50.0609 3120	partmgr - ok
21:37:50.0645 3120	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:37:50.0650 3120	pci - ok
21:37:50.0673 3120	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:37:50.0676 3120	pciide - ok
21:37:50.0720 3120	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:37:50.0725 3120	pcmcia - ok
21:37:50.0752 3120	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:37:50.0756 3120	pcw - ok
21:37:50.0784 3120	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:37:50.0807 3120	PEAUTH - ok
21:37:50.0955 3120	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:37:50.0962 3120	PptpMiniport - ok
21:37:51.0008 3120	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:37:51.0011 3120	Processor - ok
21:37:51.0096 3120	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:37:51.0101 3120	Psched - ok
21:37:51.0185 3120	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:37:51.0219 3120	ql2300 - ok
21:37:51.0251 3120	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:37:51.0255 3120	ql40xx - ok
21:37:51.0277 3120	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:37:51.0280 3120	QWAVEdrv - ok
21:37:51.0302 3120	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:37:51.0304 3120	RasAcd - ok
21:37:51.0348 3120	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:37:51.0351 3120	RasAgileVpn - ok
21:37:51.0439 3120	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:37:51.0445 3120	Rasl2tp - ok
21:37:51.0499 3120	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:37:51.0503 3120	RasPppoe - ok
21:37:51.0531 3120	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:37:51.0534 3120	RasSstp - ok
21:37:51.0601 3120	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:37:51.0607 3120	rdbss - ok
21:37:51.0642 3120	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:37:51.0645 3120	rdpbus - ok
21:37:51.0663 3120	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:37:51.0665 3120	RDPCDD - ok
21:37:51.0710 3120	RDPDR           (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
21:37:51.0714 3120	RDPDR - ok
21:37:51.0796 3120	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:37:51.0798 3120	RDPENCDD - ok
21:37:51.0844 3120	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:37:51.0847 3120	RDPREFMP - ok
21:37:51.0897 3120	RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
21:37:51.0901 3120	RDPWD - ok
21:37:51.0942 3120	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:37:51.0946 3120	rdyboost - ok
21:37:52.0037 3120	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:37:52.0040 3120	rspndr - ok
21:37:52.0093 3120	RTL8167         (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:37:52.0108 3120	RTL8167 - ok
21:37:52.0208 3120	s3cap           (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
21:37:52.0210 3120	s3cap - ok
21:37:52.0274 3120	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:37:52.0280 3120	sbp2port - ok
21:37:52.0344 3120	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:37:52.0346 3120	scfilter - ok
21:37:52.0403 3120	sdbus           (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
21:37:52.0406 3120	sdbus - ok
21:37:52.0456 3120	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:37:52.0459 3120	secdrv - ok
21:37:52.0493 3120	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:37:52.0495 3120	Serenum - ok
21:37:52.0516 3120	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:37:52.0519 3120	Serial - ok
21:37:52.0572 3120	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:37:52.0575 3120	sermouse - ok
21:37:52.0637 3120	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
21:37:52.0644 3120	sffdisk - ok
21:37:52.0678 3120	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:37:52.0681 3120	sffp_mmc - ok
21:37:52.0708 3120	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
21:37:52.0710 3120	sffp_sd - ok
21:37:52.0740 3120	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:37:52.0742 3120	sfloppy - ok
21:37:52.0795 3120	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:37:52.0798 3120	SiSRaid2 - ok
21:37:52.0821 3120	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:37:52.0824 3120	SiSRaid4 - ok
21:37:52.0858 3120	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:37:52.0861 3120	Smb - ok
21:37:52.0933 3120	smserial        (7ae8bca90539ecbde87ac45ba1436be3) C:\Windows\system32\DRIVERS\SmSerl64.sys
21:37:52.0967 3120	smserial - ok
21:37:53.0045 3120	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:37:53.0049 3120	spldr - ok
21:37:53.0131 3120	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:37:53.0139 3120	srv - ok
21:37:53.0187 3120	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:37:53.0194 3120	srv2 - ok
21:37:53.0223 3120	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:37:53.0228 3120	srvnet - ok
21:37:53.0383 3120	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:37:53.0387 3120	stexstor - ok
21:37:53.0449 3120	storflt         (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
21:37:53.0452 3120	storflt - ok
21:37:53.0504 3120	storvsc         (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
21:37:53.0507 3120	storvsc - ok
21:37:53.0557 3120	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:37:53.0559 3120	swenum - ok
21:37:53.0665 3120	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
21:37:53.0729 3120	Tcpip - ok
21:37:53.0798 3120	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
21:37:53.0809 3120	TCPIP6 - ok
21:37:53.0852 3120	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:37:53.0855 3120	tcpipreg - ok
21:37:53.0886 3120	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:37:53.0889 3120	TDPIPE - ok
21:37:53.0915 3120	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:37:53.0918 3120	TDTCP - ok
21:37:53.0965 3120	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:37:53.0969 3120	tdx - ok
21:37:54.0016 3120	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:37:54.0019 3120	TermDD - ok
21:37:54.0081 3120	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:37:54.0084 3120	tssecsrv - ok
21:37:54.0132 3120	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:37:54.0137 3120	TsUsbFlt - ok
21:37:54.0198 3120	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:37:54.0202 3120	tunnel - ok
21:37:54.0236 3120	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:37:54.0238 3120	uagp35 - ok
21:37:54.0283 3120	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:37:54.0288 3120	udfs - ok
21:37:54.0337 3120	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:37:54.0339 3120	uliagpkx - ok
21:37:54.0378 3120	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
21:37:54.0381 3120	umbus - ok
21:37:54.0430 3120	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:37:54.0432 3120	UmPass - ok
21:37:54.0493 3120	usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
21:37:54.0497 3120	usbaudio - ok
21:37:54.0551 3120	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:37:54.0555 3120	usbccgp - ok
21:37:54.0605 3120	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:37:54.0609 3120	usbcir - ok
21:37:54.0650 3120	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
21:37:54.0655 3120	usbehci - ok
21:37:54.0694 3120	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:37:54.0702 3120	usbhub - ok
21:37:54.0726 3120	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:37:54.0729 3120	usbohci - ok
21:37:54.0768 3120	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:37:54.0771 3120	usbprint - ok
21:37:54.0803 3120	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:37:54.0807 3120	USBSTOR - ok
21:37:54.0831 3120	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
21:37:54.0834 3120	usbuhci - ok
21:37:54.0896 3120	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
21:37:54.0902 3120	usbvideo - ok
21:37:54.0953 3120	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:37:54.0956 3120	vdrvroot - ok
21:37:55.0010 3120	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:37:55.0013 3120	vga - ok
21:37:55.0035 3120	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:37:55.0038 3120	VgaSave - ok
21:37:55.0080 3120	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:37:55.0085 3120	vhdmp - ok
21:37:55.0124 3120	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:37:55.0126 3120	viaide - ok
21:37:55.0160 3120	vmbus           (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
21:37:55.0165 3120	vmbus - ok
21:37:55.0187 3120	VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
21:37:55.0190 3120	VMBusHID - ok
21:37:55.0222 3120	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:37:55.0225 3120	volmgr - ok
21:37:55.0279 3120	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:37:55.0291 3120	volmgrx - ok
21:37:55.0340 3120	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:37:55.0348 3120	volsnap - ok
21:37:55.0399 3120	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:37:55.0403 3120	vsmraid - ok
21:37:55.0438 3120	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
21:37:55.0441 3120	vwifibus - ok
21:37:55.0493 3120	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:37:55.0495 3120	WacomPen - ok
21:37:55.0540 3120	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:37:55.0543 3120	WANARP - ok
21:37:55.0549 3120	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:37:55.0550 3120	Wanarpv6 - ok
21:37:55.0597 3120	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:37:55.0599 3120	Wd - ok
21:37:55.0638 3120	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:37:55.0647 3120	Wdf01000 - ok
21:37:55.0698 3120	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:37:55.0700 3120	WfpLwf - ok
21:37:55.0721 3120	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:37:55.0723 3120	WIMMount - ok
21:37:55.0817 3120	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
21:37:55.0820 3120	WinUsb - ok
21:37:55.0860 3120	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:37:55.0862 3120	WmiAcpi - ok
21:37:55.0918 3120	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:37:55.0920 3120	ws2ifsl - ok
21:37:55.0986 3120	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:37:55.0991 3120	WudfPf - ok
21:37:56.0041 3120	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:37:56.0046 3120	WUDFRd - ok
21:37:56.0104 3120	XENfiltv        (754c8bf43f0dd4b54865f174a62761e9) C:\Windows\system32\drivers\XENfiltv.sys
21:37:56.0105 3120	XENfiltv - ok
21:37:56.0225 3120	xusb21          (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
21:37:56.0228 3120	xusb21 - ok
21:37:56.0275 3120	MBR (0x1B8)     (a394fad93df70af56349f150c1a53331) \Device\Harddisk0\DR0
21:37:56.0308 3120	\Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
21:37:56.0308 3120	\Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
21:37:56.0313 3120	Boot (0x1200)   (f373672980a468bcab4eb7466ddceb3c) \Device\Harddisk0\DR0\Partition0
21:37:56.0321 3120	\Device\Harddisk0\DR0\Partition0 - ok
21:37:56.0361 3120	Boot (0x1200)   (c22d5cfb8568383976be070c5a93e2bc) \Device\Harddisk0\DR0\Partition1
21:37:56.0371 3120	\Device\Harddisk0\DR0\Partition1 - ok
21:37:56.0401 3120	Boot (0x1200)   (0e6bb4fedb0639f053ad5ec99ef43c72) \Device\Harddisk0\DR0\Partition2
21:37:56.0403 3120	\Device\Harddisk0\DR0\Partition2 - ok
21:37:56.0430 3120	Boot (0x1200)   (b2d034993b7bf5082f1d0285973d1902) \Device\Harddisk0\DR0\Partition3
21:37:56.0432 3120	\Device\Harddisk0\DR0\Partition3 - ok
21:37:56.0432 3120	============================================================
21:37:56.0433 3120	Scan finished
21:37:56.0433 3120	============================================================
21:37:56.0449 2284	Detected object count: 1
21:37:56.0449 2284	Actual detected object count: 1
21:38:08.0826 2284	\Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - skipped by user
21:38:08.0826 2284	\Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Skip
         

Code:
ATTFilter
aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-22 21:39:47
-----------------------------
21:39:47.047    OS Version: Windows x64 6.1.7601 Service Pack 1
21:39:47.047    Number of processors: 2 586 0x170A
21:39:47.048    ComputerName: MARK-PC  UserName: Mark
21:39:47.644    Initialize success
21:40:08.901    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:40:08.903    Disk 0 Vendor: ST950032 0001 Size: 476940MB BusType: 3
21:40:08.919    Disk 0 MBR read successfully
21:40:08.922    Disk 0 MBR scan
21:40:08.924    Disk 0 Windows 7 default MBR code
21:40:08.927    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        49999 MB offset 63
21:40:08.929    Disk 0 Partition - 00     0F Extended LBA            426930 MB offset 102398310
21:40:08.949    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       149997 MB offset 102398373
21:40:08.953    Disk 0 Partition - 00     05     Extended            170000 MB offset 409593240
21:40:08.979    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       170000 MB offset 409593303
21:40:08.982    Disk 0 Partition - 00     05     Extended            106932 MB offset 1064948850
21:40:09.007    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       106932 MB offset 757753983
21:40:09.011    Service scanning
21:40:10.139    Modules scanning
21:40:10.504    Disk 0 trace - called modules:
21:40:10.525    ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8005798334]<<
21:40:10.535    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800577c360]
21:40:10.542    3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80046e1050]
21:40:10.549    \Driver\iaStor[0xfffffa8004671880] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xfffffa8005798334
21:40:10.557    Scan finished successfully
21:40:25.160    Disk 0 MBR has been saved successfully to "C:\Users\Mark\Desktop\MBR.dat"
21:40:25.165    The log file has been saved successfully to "C:\Users\Mark\Desktop\aswMBR.txt"
         
(This time I could leave the antivirus programs/firewalls etc. running, right?)

22.01.2012, 23:41   #7
Larusso
/// Selecta Jahrusso
 



Start TDSSkiller.exe with a double-click. Vista and Win7 users: right-click and choose "Run as administrator".
  • Click Start Scan. Do not use the computer while the scan is running.
  • Make sure that Cure (default) is selected!
  • Click Continue --> Reboot.
TDSSKiller will save a log file on your system drive (usually C:\), for example: C:\TDSSKiller.<version_date_time>log.txt. Please post its contents here in your thread.



Combofix may only be run when a team member has instructed you to do so! It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors: Link 1, Link 2. IMPORTANT - save Combofix to your desktop.
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the instructions on the screen. When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: if you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.
__________________
Kind regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie
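
Added example (not part of the thread and not code from TDSSKiller): a small Python triage script for a TDSSKiller log in the line format posted above. It lists each flagged object with the action the log recorded for it, so a run that ended in Skip instead of Cure stands out. The sample lines are excerpted from the log in this thread; the names `parse_tdsskiller_log` and `unresolved` are hypothetical, and treating any recorded action other than Skip as "handled" is an assumption, since Skip is the only action value this thread shows.

```python
"""Triage a TDSSKiller log: list detections and the action recorded for each."""
import re
from dataclasses import dataclass
from typing import Optional

# Excerpt from the log posted in this thread (tabs replaced by spaces).
SAMPLE_LOG = r"""
21:37:56.0225 3120 xusb21          (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
21:37:56.0228 3120 xusb21 - ok
21:37:56.0275 3120 MBR (0x1B8)     (a394fad93df70af56349f150c1a53331) \Device\Harddisk0\DR0
21:37:56.0308 3120 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
21:37:56.0308 3120 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
21:37:56.0313 3120 Boot (0x1200)   (f373672980a468bcab4eb7466ddceb3c) \Device\Harddisk0\DR0\Partition0
21:37:56.0321 3120 \Device\Harddisk0\DR0\Partition0 - ok
21:37:56.0449 2284 Detected object count: 1
21:37:56.0449 2284 Actual detected object count: 1
21:38:08.0826 2284 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - skipped by user
21:38:08.0826 2284 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Skip
"""

# "<time> <thread id> <message>"; lines with an empty message are ignored.
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d+)\s+(\d+)\s+(.*\S)\s*$")
# "<object> ( <verdict> ) - <state>". The spaces inside the parentheses keep
# "(0x1B8)" and the "(md5)" column of ordinary driver lines from matching.
VERDICT = re.compile(r"^(?P<obj>.+?) \( (?P<name>[^)]+?) \) - (?P<state>.+)$")
ACTION = re.compile(r"^User select action: (\w+)$")
COUNT = re.compile(r"^Detected object count: (\d+)$")


@dataclass
class Finding:
    obj: str                      # e.g. \Device\Harddisk0\DR0
    verdict: str                  # e.g. Rootkit.Boot.SST.a
    first_seen: str               # timestamp of the first line naming it
    action: Optional[str] = None  # value after "User select action:", if any


def parse_tdsskiller_log(text):
    """Return (findings, declared_count) for one TDSSKiller log."""
    findings = {}
    declared = None
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts, _tid, msg = m.groups()
        c = COUNT.match(msg)
        if c:
            declared = int(c.group(1))
            continue
        v = VERDICT.match(msg)
        if not v:
            continue  # driver listing, "- ok" lines, separators
        key = (v["obj"], v["name"])
        f = findings.setdefault(key, Finding(v["obj"], v["name"], ts))
        a = ACTION.match(v["state"])
        if a:
            f.action = a.group(1)
    return list(findings.values()), declared


def unresolved(findings):
    """Findings with no recorded action, or whose action was Skip.

    Assumption: any other recorded action means the object was handled.
    """
    return [f for f in findings if f.action in (None, "Skip")]


if __name__ == "__main__":
    found, declared = parse_tdsskiller_log(SAMPLE_LOG)
    if declared is not None and declared != len(found):
        print(f"warning: log declares {declared} objects, parsed {len(found)}")
    for f in found:
        print(f"{f.first_seen}  {f.obj}  {f.verdict}  action={f.action}")
    for f in unresolved(found):
        print(f"STILL PRESENT: {f.obj} ({f.verdict}) was not treated in this run")
```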

23.01.2012, 11:48   #8
SaberR
 



TDSS:

Code:
ATTFilter
12:27:53.0494 3776	TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
12:27:53.0735 3776	============================================================
12:27:53.0735 3776	Current date / time: 2012/01/23 12:27:53.0735
12:27:53.0735 3776	SystemInfo:
12:27:53.0735 3776	
12:27:53.0736 3776	OS Version: 6.1.7601 ServicePack: 1.0
12:27:53.0736 3776	Product type: Workstation
12:27:53.0736 3776	ComputerName: MARK-PC
12:27:53.0736 3776	UserName: Mark
12:27:53.0736 3776	Windows directory: C:\Windows
12:27:53.0736 3776	System windows directory: C:\Windows
12:27:53.0736 3776	Running under WOW64
12:27:53.0736 3776	Processor architecture: Intel x64
12:27:53.0736 3776	Number of processors: 2
12:27:53.0736 3776	Page size: 0x1000
12:27:53.0736 3776	Boot type: Normal boot
12:27:53.0736 3776	============================================================
12:27:54.0450 3776	Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:27:54.0628 3776	Initialize success
12:28:13.0842 2500	============================================================
12:28:13.0842 2500	Scan started
12:28:13.0842 2500	Mode: Manual; 
12:28:13.0842 2500	============================================================
12:28:15.0277 2500	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
12:28:15.0277 2500	1394ohci - ok
12:28:15.0340 2500	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
12:28:15.0355 2500	ACPI - ok
12:28:15.0418 2500	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
12:28:15.0433 2500	AcpiPmi - ok
12:28:15.0605 2500	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:28:15.0605 2500	adp94xx - ok
12:28:15.0667 2500	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:28:15.0683 2500	adpahci - ok
12:28:15.0730 2500	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:28:15.0730 2500	adpu320 - ok
12:28:15.0823 2500	AFD             (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
12:28:15.0823 2500	AFD - ok
12:28:15.0870 2500	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
12:28:15.0870 2500	agp440 - ok
12:28:15.0917 2500	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
12:28:15.0917 2500	aliide - ok
12:28:15.0932 2500	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
12:28:15.0932 2500	amdide - ok
12:28:15.0979 2500	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:28:15.0995 2500	AmdK8 - ok
12:28:16.0010 2500	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:28:16.0010 2500	AmdPPM - ok
12:28:16.0057 2500	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
12:28:16.0073 2500	amdsata - ok
12:28:16.0104 2500	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:28:16.0104 2500	amdsbs - ok
12:28:16.0120 2500	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
12:28:16.0120 2500	amdxata - ok
12:28:16.0166 2500	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
12:28:16.0182 2500	AppID - ok
12:28:16.0244 2500	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:28:16.0244 2500	arc - ok
12:28:16.0276 2500	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:28:16.0276 2500	arcsas - ok
12:28:16.0400 2500	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:28:16.0416 2500	AsyncMac - ok
12:28:16.0463 2500	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
12:28:16.0463 2500	atapi - ok
12:28:16.0603 2500	atksgt          (fc0e8778c000291caf60eb88c011e931) C:\Windows\system32\DRIVERS\atksgt.sys
12:28:16.0603 2500	atksgt - ok
12:28:16.0728 2500	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:28:16.0728 2500	b06bdrv - ok
12:28:16.0775 2500	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:28:16.0790 2500	b57nd60a - ok
12:28:16.0853 2500	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:28:16.0868 2500	Beep - ok
12:28:16.0900 2500	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:28:16.0900 2500	blbdrive - ok
12:28:16.0931 2500	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
12:28:16.0946 2500	bowser - ok
12:28:16.0993 2500	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:28:16.0993 2500	BrFiltLo - ok
12:28:17.0009 2500	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:28:17.0009 2500	BrFiltUp - ok
12:28:17.0071 2500	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:28:17.0071 2500	Brserid - ok
12:28:17.0102 2500	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:28:17.0102 2500	BrSerWdm - ok
12:28:17.0118 2500	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:28:17.0118 2500	BrUsbMdm - ok
12:28:17.0134 2500	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:28:17.0134 2500	BrUsbSer - ok
12:28:17.0165 2500	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:28:17.0165 2500	BTHMODEM - ok
12:28:17.0212 2500	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:28:17.0212 2500	cdfs - ok
12:28:17.0258 2500	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
12:28:17.0258 2500	cdrom - ok
12:28:17.0305 2500	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:28:17.0321 2500	circlass - ok
12:28:17.0368 2500	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:28:17.0383 2500	CLFS - ok
12:28:17.0508 2500	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:28:17.0508 2500	CmBatt - ok
12:28:17.0570 2500	cmderd          (fa26df95bfbeccbd44c961834789c549) C:\Windows\system32\DRIVERS\cmderd.sys
12:28:17.0570 2500	cmderd - ok
12:28:17.0602 2500	cmdGuard        (efd76d1c9a28b75ff05b23cb0e7f79cd) C:\Windows\system32\DRIVERS\cmdguard.sys
12:28:17.0617 2500	cmdGuard - ok
12:28:17.0648 2500	cmdHlp          (4b5b1688ab86ebced4bef8d337e9a722) C:\Windows\system32\DRIVERS\cmdhlp.sys
12:28:17.0648 2500	cmdHlp - ok
12:28:17.0695 2500	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:28:17.0695 2500	cmdide - ok
12:28:17.0758 2500	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
12:28:17.0758 2500	CNG - ok
12:28:17.0867 2500	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:28:17.0867 2500	Compbatt - ok
12:28:17.0929 2500	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
12:28:17.0929 2500	CompositeBus - ok
12:28:17.0976 2500	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:28:17.0976 2500	crcdisk - ok
12:28:18.0101 2500	CSC             (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
12:28:18.0101 2500	CSC - ok
12:28:18.0226 2500	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
12:28:18.0226 2500	DfsC - ok
12:28:18.0257 2500	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:28:18.0257 2500	discache - ok
12:28:18.0288 2500	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:28:18.0288 2500	Disk - ok
12:28:18.0319 2500	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:28:18.0319 2500	drmkaud - ok
12:28:18.0413 2500	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
12:28:18.0444 2500	DXGKrnl - ok
12:28:18.0538 2500	EagleX64 - ok
12:28:18.0647 2500	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:28:18.0772 2500	ebdrv - ok
12:28:18.0865 2500	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:28:18.0881 2500	elxstor - ok
12:28:18.0896 2500	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:28:18.0896 2500	ErrDev - ok
12:28:18.0959 2500	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:28:18.0959 2500	exfat - ok
12:28:18.0990 2500	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:28:18.0990 2500	fastfat - ok
12:28:19.0021 2500	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:28:19.0037 2500	fdc - ok
12:28:19.0068 2500	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:28:19.0068 2500	FileInfo - ok
12:28:19.0084 2500	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:28:19.0099 2500	Filetrace - ok
12:28:19.0130 2500	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:28:19.0130 2500	flpydisk - ok
12:28:19.0162 2500	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
12:28:19.0177 2500	FltMgr - ok
12:28:19.0193 2500	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:28:19.0208 2500	FsDepends - ok
12:28:19.0224 2500	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
12:28:19.0240 2500	Fs_Rec - ok
12:28:19.0271 2500	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:28:19.0271 2500	fvevol - ok
12:28:19.0302 2500	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:28:19.0302 2500	gagp30kx - ok
12:28:19.0349 2500	hamachi         (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
12:28:19.0364 2500	hamachi - ok
12:28:19.0458 2500	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:28:19.0474 2500	hcw85cir - ok
12:28:19.0536 2500	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
12:28:19.0552 2500	HdAudAddService - ok
12:28:19.0630 2500	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
12:28:19.0630 2500	HDAudBus - ok
12:28:19.0754 2500	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:28:19.0754 2500	HidBatt - ok
12:28:19.0770 2500	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:28:19.0770 2500	HidBth - ok
12:28:19.0801 2500	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:28:19.0801 2500	HidIr - ok
12:28:19.0926 2500	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
12:28:19.0926 2500	HidUsb - ok
12:28:19.0988 2500	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:28:20.0004 2500	HpSAMD - ok
12:28:20.0066 2500	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:28:20.0113 2500	HTTP - ok
12:28:20.0207 2500	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:28:20.0207 2500	hwpolicy - ok
12:28:20.0269 2500	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
12:28:20.0269 2500	i8042prt - ok
12:28:20.0394 2500	iaStor          (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
12:28:20.0394 2500	iaStor - ok
12:28:20.0441 2500	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:28:20.0456 2500	iaStorV - ok
12:28:20.0519 2500	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:28:20.0519 2500	iirsp - ok
12:28:20.0566 2500	inspect         (efff0afd27cc97bf0e5e0bab78419de7) C:\Windows\system32\DRIVERS\inspect.sys
12:28:20.0566 2500	inspect - ok
12:28:20.0628 2500	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:28:20.0628 2500	intelide - ok
12:28:20.0675 2500	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:28:20.0675 2500	intelppm - ok
12:28:20.0722 2500	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:28:20.0722 2500	IpFilterDriver - ok
12:28:20.0831 2500	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:28:20.0831 2500	IPMIDRV - ok
12:28:20.0862 2500	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:28:20.0878 2500	IPNAT - ok
12:28:20.0971 2500	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:28:20.0971 2500	IRENUM - ok
12:28:21.0018 2500	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:28:21.0018 2500	isapnp - ok
12:28:21.0049 2500	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:28:21.0049 2500	iScsiPrt - ok
12:28:21.0174 2500	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
12:28:21.0174 2500	kbdclass - ok
12:28:21.0205 2500	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
12:28:21.0221 2500	kbdhid - ok
12:28:21.0314 2500	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
12:28:21.0330 2500	KSecDD - ok
12:28:21.0361 2500	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
12:28:21.0361 2500	KSecPkg - ok
12:28:21.0408 2500	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:28:21.0408 2500	ksthunk - ok
12:28:21.0580 2500	lirsgt          (156ab2e56dc3ca0b582e3362e07cded7) C:\Windows\system32\DRIVERS\lirsgt.sys
12:28:21.0580 2500	lirsgt - ok
12:28:21.0626 2500	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:28:21.0626 2500	lltdio - ok
12:28:21.0673 2500	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:28:21.0673 2500	LSI_FC - ok
12:28:21.0689 2500	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:28:21.0704 2500	LSI_SAS - ok
12:28:21.0720 2500	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:28:21.0720 2500	LSI_SAS2 - ok
12:28:21.0751 2500	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:28:21.0751 2500	LSI_SCSI - ok
12:28:21.0782 2500	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:28:21.0782 2500	luafv - ok
12:28:21.0876 2500	MBAMProtector   (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
12:28:21.0876 2500	MBAMProtector - ok
12:28:21.0923 2500	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:28:21.0938 2500	megasas - ok
12:28:21.0970 2500	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:28:21.0985 2500	MegaSR - ok
12:28:22.0079 2500	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:28:22.0079 2500	Modem - ok
12:28:22.0157 2500	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:28:22.0157 2500	monitor - ok
12:28:22.0204 2500	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
12:28:22.0219 2500	mouclass - ok
12:28:22.0250 2500	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:28:22.0250 2500	mouhid - ok
12:28:22.0297 2500	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:28:22.0297 2500	mountmgr - ok
12:28:22.0328 2500	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:28:22.0344 2500	mpio - ok
12:28:22.0360 2500	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:28:22.0360 2500	mpsdrv - ok
12:28:22.0422 2500	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:28:22.0438 2500	MRxDAV - ok
12:28:22.0484 2500	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:28:22.0484 2500	mrxsmb - ok
12:28:22.0531 2500	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:28:22.0531 2500	mrxsmb10 - ok
12:28:22.0547 2500	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:28:22.0547 2500	mrxsmb20 - ok
12:28:22.0594 2500	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:28:22.0594 2500	msahci - ok
12:28:22.0656 2500	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:28:22.0656 2500	msdsm - ok
12:28:22.0718 2500	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:28:22.0718 2500	Msfs - ok
12:28:22.0734 2500	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:28:22.0750 2500	mshidkmdf - ok
12:28:22.0781 2500	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:28:22.0781 2500	msisadrv - ok
12:28:22.0828 2500	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:28:22.0828 2500	MSKSSRV - ok
12:28:22.0843 2500	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:28:22.0843 2500	MSPCLOCK - ok
12:28:22.0859 2500	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:28:22.0859 2500	MSPQM - ok
12:28:22.0906 2500	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:28:22.0921 2500	MsRPC - ok
12:28:22.0952 2500	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:28:22.0952 2500	mssmbios - ok
12:28:22.0999 2500	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:28:22.0999 2500	MSTEE - ok
12:28:23.0046 2500	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:28:23.0046 2500	MTConfig - ok
12:28:23.0062 2500	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:28:23.0062 2500	Mup - ok
12:28:23.0124 2500	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:28:23.0140 2500	NativeWifiP - ok
12:28:23.0218 2500	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:28:23.0233 2500	NDIS - ok
12:28:23.0327 2500	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:28:23.0327 2500	NdisCap - ok
12:28:23.0358 2500	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:28:23.0374 2500	NdisTapi - ok
12:28:23.0436 2500	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:28:23.0436 2500	Ndisuio - ok
12:28:23.0498 2500	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:28:23.0498 2500	NdisWan - ok
12:28:23.0576 2500	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:28:23.0592 2500	NDProxy - ok
12:28:23.0654 2500	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:28:23.0654 2500	NetBIOS - ok
12:28:23.0701 2500	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:28:23.0701 2500	NetBT - ok
12:28:23.0951 2500	netw5v64        (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
12:28:24.0076 2500	netw5v64 - ok
12:28:24.0138 2500	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:28:24.0138 2500	nfrd960 - ok
12:28:24.0200 2500	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:28:24.0200 2500	Npfs - ok
12:28:24.0216 2500	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:28:24.0216 2500	nsiproxy - ok
12:28:24.0294 2500	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:28:24.0325 2500	Ntfs - ok
12:28:24.0356 2500	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:28:24.0372 2500	Null - ok
12:28:24.0700 2500	nvlddmkm        (b34e9bfbd9c61048ef6281c3e7ec210a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:28:24.0934 2500	nvlddmkm - ok
12:28:24.0996 2500	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:28:24.0996 2500	nvraid - ok
12:28:25.0027 2500	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:28:25.0027 2500	nvstor - ok
12:28:25.0090 2500	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:28:25.0105 2500	nv_agp - ok
12:28:25.0136 2500	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:28:25.0136 2500	ohci1394 - ok
12:28:25.0183 2500	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:28:25.0183 2500	Parport - ok
12:28:25.0230 2500	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
12:28:25.0230 2500	partmgr - ok
12:28:25.0261 2500	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:28:25.0261 2500	pci - ok
12:28:25.0308 2500	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:28:25.0308 2500	pciide - ok
12:28:25.0339 2500	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:28:25.0339 2500	pcmcia - ok
12:28:30.0690 2500	MBR (0x1B8)     (a394fad93df70af56349f150c1a53331) \Device\Harddisk0\DR0
12:28:30.0737 2500	\Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
12:28:30.0737 2500	\Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
12:28:30.0737 2500	Boot (0x1200)   (f373672980a468bcab4eb7466ddceb3c) \Device\Harddisk0\DR0\Partition0
12:28:30.0737 2500	\Device\Harddisk0\DR0\Partition0 - ok
12:28:30.0799 2500	Boot (0x1200)   (c22d5cfb8568383976be070c5a93e2bc) \Device\Harddisk0\DR0\Partition1
12:28:30.0799 2500	\Device\Harddisk0\DR0\Partition1 - ok
12:28:30.0815 2500	Boot (0x1200)   (0e6bb4fedb0639f053ad5ec99ef43c72) \Device\Harddisk0\DR0\Partition2
12:28:30.0815 2500	\Device\Harddisk0\DR0\Partition2 - ok
12:28:30.0846 2500	Boot (0x1200)   (b2d034993b7bf5082f1d0285973d1902) \Device\Harddisk0\DR0\Partition3
12:28:30.0846 2500	\Device\Harddisk0\DR0\Partition3 - ok
12:28:30.0846 2500	============================================================
12:28:30.0846 2500	Scan finished
12:28:30.0846 2500	============================================================
12:28:30.0846 2884	Detected object count: 1
12:28:30.0846 2884	Actual detected object count: 1
12:28:35.0604 2884	\Device\Harddisk0\DR0 - processing error
12:28:47.0008 2884	\Device\Harddisk0\DR0 - will be restored on reboot
12:28:47.0008 2884	\Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure Restore 
12:28:49.0379 3924	Deinitialize success
         

With Combofix, after what appeared to be a scan, the following error came up:

"NIRCMD

"NIRCMD" konnte nicht gefunden werden. Stellen Sie sicher, dass Sie den Namen richtig eingegeben haben und wiederholen Sie den Vorgang"

In addition, a DOS window opens which says:
"Der Befehl "c.bat" ist entweder falsch geschrieben oder konnte nicht gefunden werden.
C:\ComboFix>"

23.01.2012, 15:27   #9
Larusso
/// Selecta Jahrusso

Hi,


Please delete the existing Combofix version and download a new version from here.

Rename it to svchost.exe before saving it.
Make sure that all your antivirus and other protection programs are switched off, then start the renamed version of Combofix with right-click --> Run as administrator
__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie

Edited by Larusso (23.01.2012 at 15:42)

24.01.2012, 23:46   #10
SaberR

Hi,

So after starting the program, a scan apparently runs through automatically, then the program closes and nothing happens. So I don't get any instructions, nor can I click on anything. No error message appears, but I can't find a log file either.
At least Google is working again.

25.01.2012, 00:10   #11
Larusso
/// Selecta Jahrusso

Please check in the folder C:\qoobox whether there is a Combofix.txt there.

26.01.2012, 16:35   #12
SaberR

The folder only contains subfolders, and they are all empty.

26.01.2012, 20:45   #13
Larusso
/// Selecta Jahrusso

Go into Windows safe mode (be sure to click the link and read it!)
  • Restart the computer.
  • As soon as you hear the computer beep for the first time, press the F8 key. (This can vary from system to system.)
  • Windows will show you a selection menu instead of starting normally.
  • Select Safe Mode here and press Enter.


Start Combofix and let it run undisturbed. Hopefully I'll get a log file now.

27.01.2012, 01:04   #14
SaberR

Ah, OK.

Now I have a log file. However, before the scan it pointed out that "Desktop Antivir" was running. Unfortunately I have no idea how to close it (I found nothing in Task Manager).
I hope the log file is still usable.

Code:
ATTFilter
ComboFix 12-01-23.02 - Mark 27.01.2012   1:44.1.2 - x64 MINIMAL
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.4091.3447 [GMT 1:00]
ausgeführt von:: c:\users\Mark\Desktop\ComboFix.exe
AV: AntiVir Desktop *Enabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\LP
c:\users\Mark\P-7-78-8964-9648-3874
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-12-27 bis 2012-01-27  ))))))))))))))))))))))))))))))
.
.
2012-01-27 00:49 . 2012-01-27 00:49	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2012-01-27 00:49 . 2012-01-27 00:49	--------	d-----w-	c:\users\postgres\AppData\Local\temp
2012-01-27 00:49 . 2012-01-27 00:49	--------	d-----w-	c:\users\postgres.Mark-PC\AppData\Local\temp
2012-01-27 00:49 . 2012-01-27 00:49	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-01-26 18:36 . 2012-01-26 18:36	--------	d-----w-	c:\users\Mark\AppData\Local\Namco
2012-01-26 18:06 . 2012-01-26 18:07	--------	d-----w-	c:\program files (x86)\Puzzle Quest 2
2012-01-26 17:43 . 2012-01-26 17:43	--------	d-----w-	c:\program files (x86)\bfgclient
2012-01-26 17:43 . 2012-01-26 17:43	--------	d-----w-	c:\programdata\Big Fish Games
2012-01-26 17:35 . 2012-01-26 18:08	--------	d-----w-	C:\BigFishGamesCache
2012-01-15 19:53 . 2012-01-15 19:54	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2012-01-12 20:50 . 2012-01-12 20:50	--------	d-----w-	c:\programdata\Creative Labs
2012-01-11 19:56 . 2011-10-26 05:25	1572864	----a-w-	c:\windows\system32\quartz.dll
2012-01-11 19:56 . 2011-10-26 04:32	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2012-01-11 19:56 . 2011-10-26 04:32	1328128	----a-w-	c:\windows\SysWow64\quartz.dll
2012-01-11 19:56 . 2011-10-26 05:25	366592	----a-w-	c:\windows\system32\qdvd.dll
2012-01-11 19:56 . 2011-11-17 06:41	1731920	----a-w-	c:\windows\system32\ntdll.dll
2012-01-11 19:56 . 2011-11-17 05:38	1292080	----a-w-	c:\windows\SysWow64\ntdll.dll
2012-01-11 19:56 . 2011-11-19 14:58	77312	----a-w-	c:\windows\system32\packager.dll
2012-01-11 19:56 . 2011-11-19 14:01	67072	----a-w-	c:\windows\SysWow64\packager.dll
2012-01-11 15:54 . 2012-01-11 18:19	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-11 15:54 . 2012-01-11 15:54	--------	d-----w-	c:\windows\system32\Macromed
2012-01-11 15:42 . 2012-01-11 15:42	--------	d-----w-	c:\program files (x86)\Common Files\Java
2012-01-11 15:42 . 2012-01-11 15:42	637848	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2012-01-11 11:34 . 2012-01-11 11:34	--------	d-----w-	C:\found.000
2012-01-09 15:04 . 2012-01-09 15:04	11776	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\nprjplug.dll
2012-01-09 15:04 . 2012-01-09 15:04	--------	d-----w-	c:\program files (x86)\Common Files\xing shared
2012-01-09 15:04 . 2012-01-09 15:04	150696	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\nppl3260.dll
2012-01-09 15:03 . 2012-01-09 15:04	108544	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
2012-01-09 15:03 . 2012-01-09 15:03	499712	----a-w-	c:\windows\SysWow64\msvcp71.dll
2012-01-09 15:03 . 2012-01-09 15:04	--------	d-----w-	c:\program files (x86)\Real
2012-01-07 18:02 . 2012-01-07 18:02	626688	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-07 18:02 . 2012-01-07 18:02	548864	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-07 18:02 . 2012-01-07 18:02	479232	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-07 18:02 . 2012-01-07 18:02	43992	----a-w-	c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-01-03 13:10 . 2012-01-03 13:10	182672	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 13:10 . 2012-01-03 13:10	182672	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-11 15:42 . 2010-07-11 13:34	567184	----a-w-	c:\windows\SysWow64\deployJava1.dll
2011-12-19 18:59 . 2011-10-07 17:48	93200	----a-w-	c:\windows\system32\drivers\inspect.sys
2011-12-19 18:59 . 2011-10-07 17:47	43248	----a-w-	c:\windows\system32\drivers\cmdhlp.sys
2011-12-19 18:59 . 2011-10-07 17:47	577824	----a-w-	c:\windows\system32\drivers\cmdGuard.sys
2011-12-19 18:59 . 2011-10-07 17:47	22696	----a-w-	c:\windows\system32\drivers\cmderd.sys
2011-12-19 18:58 . 2011-10-07 17:47	41200	----a-w-	c:\windows\system32\cmdcsr.dll
2011-12-19 18:58 . 2011-10-07 17:47	301224	----a-w-	c:\windows\SysWow64\guard32.dll
2011-12-19 18:58 . 2011-10-07 17:47	389840	----a-w-	c:\windows\system32\guard64.dll
2011-12-10 14:24 . 2011-11-08 19:54	23152	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-12-08 12:31 . 2011-12-08 12:31	235	----a-w-	c:\windows\SysWow64\nxEuUninstall.bat
2011-12-08 12:31 . 2011-12-08 12:31	446464	----a-w-	c:\windows\NEXON_EU_DownloaderUpdater.exe
2011-11-24 04:52 . 2011-12-14 10:18	3145216	----a-w-	c:\windows\system32\win32k.sys
2011-11-06 01:36 . 2011-11-06 01:36	348160	----a-w-	c:\windows\SysWow64\msvcr71.dll
2011-11-06 01:36 . 2011-11-06 01:36	1700352	----a-w-	c:\windows\SysWow64\gdiplus.dll
2011-11-06 01:36 . 2011-11-06 01:36	1060864	----a-w-	c:\windows\SysWow64\mfc71.dll
2011-11-05 05:41 . 2011-12-14 10:18	1188864	----a-w-	c:\windows\system32\wininet.dll
2011-11-05 05:32 . 2011-12-14 10:18	2048	----a-w-	c:\windows\system32\tzres.dll
2011-11-05 04:35 . 2011-12-14 10:18	981504	----a-w-	c:\windows\SysWow64\wininet.dll
2011-11-05 04:26 . 2011-12-14 10:18	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2011-11-05 03:32 . 2011-12-14 10:18	1638912	----a-w-	c:\windows\system32\mshtml.tlb
2011-11-05 02:48 . 2011-12-14 10:18	1638912	----a-w-	c:\windows\SysWow64\mshtml.tlb
2011-11-01 00:07 . 2011-11-01 00:07	55384	----a-w-	c:\windows\system32\drivers\SBREDrv.sys
2006-05-03 09:06	163328	--sh--r-	c:\windows\SysWOW64\flvDX.dll
2007-02-21 10:47	31232	--sh--r-	c:\windows\SysWOW64\msfDX.dll
2008-03-16 12:30	216064	--sh--r-	c:\windows\SysWOW64\nbDX.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\\Phone\Skype.exe" [2010-05-13 26192168]
"Steam"="f:\steam\steam.exe" [2011-08-02 1242448]
"ICQ"="c:\program files (x86)\ICQ7.5\ICQ.exe" [2011-08-01 124480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
"COMODO"="c:\program files\COMODO\COMODO GeekBuddy\CLPSLA.exe" [2011-11-23 213304]
"CPA"="c:\program files\COMODO\COMODO GeekBuddy\VALA.exe" [2011-11-23 184120]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-09-30 252296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"combofix"="c:\combofix\CF27700.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-08-10 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-08-10 79360]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4;F:/poker/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D F:/poker/PostgreSQL/8.4/data -w [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
S3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2011-12-28 c:\windows\Tasks\Norton Security Scan for Mark.job
- c:\progra~2\NORTON~2\Engine\351~1.8\Nss.exe [2011-11-23 23:02]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 2306448]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-12-21 9454920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:62141
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Web-Suche - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: Interfaces\{1A25F6BA-D8E7-4EA0-9407-9F8E5E0EA8CA}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{BFBC0C73-8713-4369-8AD9-1C5E85151453}: NameServer = 8.26.56.26,156.154.70.22
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\mfzfdpv8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.3&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 62141
FF - prefs.js: network.proxy.type - 0
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{EEE6C35D-6118-11DC-9C72-001320C79847} - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
Toolbar-{EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="F:/poker/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"F:/poker/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="F:/poker/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"F:/poker/PostgreSQL/8.4/data\" -w"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
f:\poker\PostgreSQL\8.4\bin\pg_ctl.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
f:\poker\PostgreSQL\8.4\bin\postgres.exe
f:\poker\PostgreSQL\8.4\bin\postgres.exe
f:\poker\PostgreSQL\8.4\bin\postgres.exe
f:\poker\PostgreSQL\8.4\bin\postgres.exe
f:\poker\PostgreSQL\8.4\bin\postgres.exe
f:\poker\PostgreSQL\8.4\bin\postgres.exe
c:\program files (x86)\Common Files\Steam\SteamService.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-01-27  01:58:46 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-01-27 00:58
.
Vor Suchlauf: 9.049.088.000 Bytes frei
Nach Suchlauf: 9.201.053.696 Bytes frei
.
- - End Of File - - 6A4A1A47403C71EC33C4A3399B326782
         

Alt 27.01.2012, 16:02   #15
Larusso
/// Selecta Jahrusso
 

Hi,

Somehow strange, since nothing of the kind runs in safe mode at all. Anyway

Did you set up the proxy server yourself? (If you don't know what that is, then this won't be the case.)

How does the computer run in normal mode?
__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators
