Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Internet Explorer 9 öffnet im "Schnelldurchlauf" die Homepage und stürzt dann ab. (https://www.trojaner-board.de/96572-internet-explorer-9-oeffnet-schnelldurchlauf-homepage-stuerzt-dann-ab.html)

M1600wner 18.03.2011 16:45
Das Problem hat sich bereits durch einen weiteren Neustart gelöst (Das Problem mit dem Öffnen von Programmen) der IE9 Spinnt nach wie vor.

Soll ich das Script trotzdessen ausführen?

cosinus 18.03.2011 19:51
Ja bitte ausführen.

M1600wner 18.03.2011 21:43
So, das Problem mit dem Öffnen ist wieder da, was aber wahrscheinlich durch neustart behoben wird. Somit kein Problem - Also :
Hier das Log.
Das Internet Explorer Problem ist immernoch da.

Combofix Logfile:
Code:
ComboFix 11-03-18.01 - Gamer-Pro 18.03.2011  21:11:16.2.2 - x86
ausgeführt von:: c:\users\Gamer-Pro\Desktop\cofi.exe.exe
Benutzte Befehlsschalter :: c:\users\Gamer-Pro\Desktop\CFScript.txt.txt
.
FILE ::
"c:\users\GAMER-~1\AppData\Local\Temp\xspirit.sys"
"c:\windows\system32\XDva349.sys"
"c:\windows\system32\XDva352.sys"
"c:\windows\system32\XDva359.sys"
"c:\windows\system32\XDva361.sys"
"c:\windows\system32\XDva362.sys"
"c:\windows\system32\XDva366.sys"
"c:\windows\system32\XDva367.sys"
"c:\windows\system32\XDva368.sys"
"c:\windows\system32\XDva370.sys"
"c:\windows\system32\XDva372.sys"
"c:\windows\system32\XDva374.sys"
"c:\windows\system32\XDva375.sys"
"c:\windows\system32\XDva377.sys"
"c:\windows\system32\XDva379.sys"
"c:\windows\system32\XDva380.sys"
"c:\windows\system32\XDva382.sys"
"c:\windows\system32\XDva383.sys"
"c:\windows\system32\XDva384.sys"
"c:\windows\vtany.sys"
"c:\windows\xhunter1.sys"
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}\{D3742F82-1C1A-4DCC-ABBD-0E831C0185CC}.msi
c:\windows\system32\Te_mp_B_S!!
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_VTANY
-------\Legacy_XDVA348
-------\Legacy_XDVA349
-------\Legacy_XDVA352
-------\Legacy_XDVA359
-------\Legacy_XDVA361
-------\Legacy_XDVA362
-------\Legacy_XDVA366
-------\Legacy_XDVA367
-------\Legacy_XDVA368
-------\Legacy_XDVA370
-------\Legacy_XDVA372
-------\Legacy_XDVA374
-------\Legacy_XDVA375
-------\Legacy_XDVA377
-------\Legacy_XDVA379
-------\Legacy_XDVA380
-------\Legacy_XDVA382
-------\Legacy_XDVA383
-------\Legacy_XDVA384
-------\Legacy_XHUNTER1
-------\Legacy_XSPIRIT
-------\Service_vtany
-------\Service_XDva348
-------\Service_XDva349
-------\Service_XDva352
-------\Service_XDva359
-------\Service_XDva361
-------\Service_XDva362
-------\Service_XDva366
-------\Service_XDva367
-------\Service_XDva368
-------\Service_XDva370
-------\Service_XDva372
-------\Service_XDva374
-------\Service_XDva375
-------\Service_XDva377
-------\Service_XDva379
-------\Service_XDva380
-------\Service_XDva382
-------\Service_XDva383
-------\Service_XDva384
-------\Service_xhunter1
-------\Service_xspirit
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-02-18 bis 2011-03-18  ))))))))))))))))))))))))))))))
.
.
2011-03-18 20:27 . 2011-03-18 20:31        --------        d-----w-        c:\users\Gamer-Pro\AppData\Local\temp
2011-03-17 21:00 . 2011-03-17 21:29        --------        d-----w-        C:\cofi.exe
2011-03-17 19:00 . 2011-03-17 19:00        --------        d-----w-        C:\_OTL
2011-03-15 21:14 . 2011-03-15 21:14        161792        ----a-w-        c:\windows\system32\msls31.dll
2011-03-15 21:14 . 2011-03-15 21:14        1126912        ----a-w-        c:\windows\system32\wininet.dll
2011-03-15 21:14 . 2011-03-15 21:14        107008        ----a-w-        c:\program files\Internet Explorer\iecleanup.exe
2011-03-15 21:14 . 2011-03-15 21:14        307200        ----a-w-        c:\program files\Internet Explorer\iediagcmd.exe
2011-03-15 21:14 . 2011-03-15 21:14        141104        ----a-w-        c:\program files\Internet Explorer\sqmapi.dll
2011-03-15 21:14 . 2011-03-15 21:14        748336        ----a-w-        c:\program files\Internet Explorer\iexplore.exe
2011-03-15 21:12 . 2011-03-15 21:12        766976        ----a-w-        c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2011-03-15 21:12 . 2011-03-15 21:12        110592        ----a-w-        c:\windows\system32\IEAdvpack.dll
2011-03-15 21:12 . 2011-03-15 21:12        149504        ----a-w-        c:\program files\Internet Explorer\jsprofilerui.dll
2011-03-15 21:12 . 2011-03-15 21:12        386560        ----a-w-        c:\program files\Internet Explorer\jsdbgui.dll
2011-03-15 21:12 . 2011-03-15 21:12        22016        ----a-w-        c:\program files\Internet Explorer\ExtExport.exe
2011-03-13 19:47 . 2011-03-13 19:47        --------        d-----w-        C:\SAVE
2011-03-13 19:45 . 2011-03-13 19:45        --------        d-----w-        C:\Sierra
2011-03-13 16:00 . 2011-03-13 18:27        --------        d-----w-        c:\users\Gamer-Pro\.tectonicus
2011-03-13 16:00 . 2011-03-13 16:00        --------        d-----w-        c:\users\Gamer-Pro\AppData\Roaming\Minetographer
2011-03-13 15:57 . 2011-03-13 15:57        --------        d-----w-        c:\users\Gamer-Pro\Minetographer
2011-03-11 21:27 . 2011-03-11 21:27        --------        d-----w-        c:\users\Gamer-Pro\AppData\Local\Xara
2011-03-11 21:27 . 2011-03-11 21:27        --------        d-----w-        c:\program files\Common Files\MAGIX Shared
2011-03-11 21:23 . 2011-03-11 21:24        --------        d-----w-        c:\program files\MAGIX
2011-03-11 21:23 . 2011-03-11 21:24        --------        d-----w-        c:\programdata\MAGIX
2011-03-11 21:23 . 2011-03-11 21:23        --------        d-----w-        c:\program files\Common Files\MAGIX Services
2011-03-11 21:03 . 2011-03-11 21:27        --------        d-----w-        c:\users\Gamer-Pro\AppData\Roaming\MAGIX
2011-03-09 13:53 . 2010-12-29 18:28        322560        ----a-w-        c:\windows\system32\sbe.dll
2011-03-09 13:53 . 2010-12-29 18:28        429056        ----a-w-        c:\windows\system32\EncDec.dll
2011-03-09 13:53 . 2010-12-29 18:28        153088        ----a-w-        c:\windows\system32\sbeio.dll
2011-03-09 13:53 . 2010-12-29 18:26        177664        ----a-w-        c:\windows\system32\mpg2splt.ax
2011-03-09 13:53 . 2010-12-17 15:45        2067968        ----a-w-        c:\windows\system32\mstscax.dll
2011-03-09 13:53 . 2010-12-17 13:54        677888        ----a-w-        c:\windows\system32\mstsc.exe
2011-03-06 20:02 . 2011-03-11 21:48        --------        d-----w-        c:\program files\Eternia CrossFire
2011-03-05 06:32 . 2011-03-05 12:54        --------        d-----w-        c:\program files\Runes of Magic
2011-03-04 19:19 . 2011-03-04 19:19        --------        d-----w-        c:\program files\LogMeIn Hamachi
2011-02-28 11:16 . 2010-02-15 11:03        286208        ----a-w-        c:\windows\system32\binkw32.dll
2011-02-27 18:36 . 2011-02-27 18:55        --------        d-----w-        c:\program files\TuneUp Utilities 2011
2011-02-26 01:19 . 2011-02-26 01:19        41872        ----a-w-        c:\windows\system32\xfcodec.dll
2011-02-24 18:28 . 2011-02-24 18:28        --------        d-----w-        c:\program files\avmwlanstick
2011-02-24 18:28 . 2008-09-05 01:01        4352        ----a-r-        c:\windows\system32\drivers\avmeject.sys
2011-02-23 15:01 . 2009-10-09 21:56        2048        ----a-w-        c:\windows\system32\winrsmgr.dll
2011-02-21 14:26 . 2011-02-28 11:25        --------        d-----w-        c:\program files\F.E.A.R. 2
2011-02-17 18:19 . 2011-03-18 15:46        --------        d-----w-        C:\LocalDumps
2011-02-16 21:09 . 2011-02-16 21:09        --------        d-----w-        C:\478fde374e3ba64a6f5633690822ee84
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-23 15:04 . 2011-02-14 22:14        190016        ----a-w-        c:\windows\system32\aswBoot.exe
2011-02-23 14:56 . 2011-02-14 22:14        371544        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2011-02-23 14:56 . 2011-02-14 22:16        301528        ----a-w-        c:\windows\system32\drivers\aswSP.sys
2011-02-23 14:55 . 2011-02-14 22:14        49240        ----a-w-        c:\windows\system32\drivers\aswTdi.sys
2011-02-23 14:55 . 2011-02-14 22:14        25432        ----a-w-        c:\windows\system32\drivers\aswRdr.sys
2011-02-23 14:55 . 2011-02-14 22:14        53592        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2011-02-23 14:54 . 2011-02-14 22:16        19544        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys
2011-02-19 05:48 . 2011-02-14 22:14        40648        ----a-w-        c:\windows\avastSS.scr
2011-02-02 20:40 . 2010-05-09 18:29        472808        ----a-w-        c:\windows\system32\deployJava1.dll
2011-01-20 16:37 . 2011-02-09 19:42        638336        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:08 . 2011-02-09 19:42        478720        ----a-w-        c:\windows\system32\dxgi.dll
2011-01-20 16:08 . 2011-02-09 19:42        1029120        ----a-w-        c:\windows\system32\d3d10.dll
2011-01-20 16:08 . 2011-02-09 19:42        189952        ----a-w-        c:\windows\system32\d3d10core.dll
2011-01-20 16:08 . 2011-02-09 19:42        160768        ----a-w-        c:\windows\system32\d3d10_1.dll
2011-01-20 16:08 . 2011-02-09 19:42        219648        ----a-w-        c:\windows\system32\d3d10_1core.dll
2011-01-20 16:07 . 2011-02-09 19:42        37376        ----a-w-        c:\windows\system32\cdd.dll
2011-01-20 16:07 . 2011-02-09 19:42        258048        ----a-w-        c:\windows\system32\winspool.drv
2011-01-20 16:07 . 2011-02-09 19:42        586240        ----a-w-        c:\windows\system32\stobject.dll
2011-01-20 16:06 . 2011-02-09 19:42        2873344        ----a-w-        c:\windows\system32\mf.dll
2011-01-20 16:06 . 2011-02-09 19:42        26112        ----a-w-        c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04 . 2011-02-09 19:42        209920        ----a-w-        c:\windows\system32\mfplat.dll
2011-01-20 16:04 . 2011-02-09 19:42        98816        ----a-w-        c:\windows\system32\mfps.dll
2011-01-20 14:28 . 2011-02-09 19:42        1554432        ----a-w-        c:\windows\system32\xpsservices.dll
2011-01-20 14:27 . 2011-02-09 19:42        876032        ----a-w-        c:\windows\system32\XpsPrint.dll
2011-01-20 14:26 . 2011-02-09 19:42        667648        ----a-w-        c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25 . 2011-02-09 19:42        847360        ----a-w-        c:\windows\system32\OpcServices.dll
2011-01-20 14:24 . 2011-02-09 19:42        288768        ----a-w-        c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24 . 2011-02-09 19:42        135680        ----a-w-        c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-09 19:42        979456        ----a-w-        c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-09 19:42        357376        ----a-w-        c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-09 19:42        302592        ----a-w-        c:\windows\system32\mfmp4src.dll
2011-01-20 14:14 . 2011-02-09 19:42        261632        ----a-w-        c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-09 19:42        1172480        ----a-w-        c:\windows\system32\d3d10warp.dll
2011-01-20 14:11 . 2011-02-09 19:42        486400        ----a-w-        c:\windows\system32\d3d10level9.dll
2011-01-20 13:47 . 2011-02-09 19:42        683008        ----a-w-        c:\windows\system32\d2d1.dll
2011-01-20 13:44 . 2011-02-09 19:42        1068544        ----a-w-        c:\windows\system32\DWrite.dll
2011-01-20 13:44 . 2011-02-09 19:42        797184        ----a-w-        c:\windows\system32\FntCache.dll
2011-01-13 09:41 . 2011-02-11 13:48        5890896        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9FB5634-552E-44E3-A742-543BDA9303AA}\mpengine.dll
2011-01-12 18:08 . 2011-01-12 18:08        29992        ----a-w-        c:\windows\system32\drivers\GRD.sys
2011-01-12 18:02 . 2011-01-12 18:02        47560        ----a-w-        c:\windows\system32\drivers\PktIcpt.sys
2011-01-12 18:01 . 2011-01-12 18:01        62024        ----a-w-        c:\windows\system32\drivers\MiniIcpt.sys
2011-01-12 18:01 . 2011-01-12 18:01        33480        ----a-w-        c:\windows\system32\drivers\GDBehave.sys
2011-01-12 18:01 . 2011-01-12 18:01        40904        ----a-w-        c:\windows\system32\drivers\gdwfpcd32.sys
2011-01-08 08:47 . 2011-02-09 19:41        34304        ----a-w-        c:\windows\system32\atmlib.dll
2011-01-08 06:28 . 2011-02-09 19:41        292352        ----a-w-        c:\windows\system32\atmfd.dll
2010-12-31 13:57 . 2011-02-09 19:42        2039808        ----a-w-        c:\windows\system32\win32k.sys
2010-12-28 15:55 . 2011-01-12 13:54        413696        ----a-w-        c:\windows\system32\odbc32.dll
2010-12-27 14:14 . 2010-12-04 13:31        235        ----a-w-        c:\windows\system32\nxEuUninstall.bat
2010-12-27 14:14 . 2010-07-25 15:37        446464        ----a-w-        c:\windows\NEXON_EU_DownloaderUpdater.exe
2010-12-20 17:09 . 2011-01-11 14:17        38224        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 17:08 . 2011-01-11 14:16        20952        ----a-w-        c:\windows\system32\drivers\mbam.sys
.
.
------- Sigcheck -------
.
[-] 2010-07-14 . 690D53BD10A804BB6D0A772D1C0E6907 . 247296 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
[7] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
[7] 2008-01-21 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-03 09:16        175400        ----a-w-        c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6d8d66f3-14fc-4736-a096-fac0ea66289c}]
2011-01-03 09:16        175400        ----a-w-        c:\program files\midicase\prxtbmidi.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6d8d66f3-14fc-4736-a096-fac0ea66289c}"= "c:\program files\midicase\prxtbmidi.dll" [2011-01-03 175400]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-03 175400]
.
[HKEY_CLASSES_ROOT\clsid\{6d8d66f3-14fc-4736-a096-fac0ea66289c}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{6D8D66F3-14FC-4736-A096-FAC0EA66289C}"= "c:\program files\midicase\prxtbmidi.dll" [2011-01-03 175400]
.
[HKEY_CLASSES_ROOT\clsid\{6d8d66f3-14fc-4736-a096-fac0ea66289c}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04        122512        ----a-w-        c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2000-01-01 1310720]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
"AVMWlanClient"="c:\program files\avmwlanstick\wlangui.exe" [2008-09-05 1794048]
"TrayServer"="c:\program files\MAGIX\Video_deluxe_17_Premium_Download-Version\TrayServer.exe" [2008-08-07 90112]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2008-04-21 09:48        69632        ----a-w-        c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
backup=c:\windows\pss\GamersFirst LIVE!.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
2008-06-18 12:05        24848        ----a-w-        c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-01 06:39        1164584        ----a-w-        c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2010-08-25 18:45        171032        ----a-w-        c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2010-08-25 18:45        136216        ----a-w-        c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2010-12-06 07:31        1910152        ----a-w-        c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-12-20 17:08        443728        ----a-w-        c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
2010-12-20 17:08        963976        ----a-w-        c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2010-08-25 18:45        170520        ----a-w-        c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38        421888        ----a-w-        c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
2010-10-17 22:42        404200        ----a-w-        c:\program files\Sandboxie\SbieCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetRefresh]
2003-11-20 18:01        525824        ----a-w-        c:\program files\HP\SetRefresh\SetRefresh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28        1233920        ----a-w-        c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51        17408        ----a-w-        c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25        202240        ----a-w-        c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe"
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
"Logitech Vid"="c:\program files\Logitech\Logitech Vid\Vid.exe" -bootmode
"Steam"="c:\program files\steam\steam.exe" -silent
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
"Google Update"="c:\users\Gamer-Pro\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"AdobeBridge"="c:\program files\Adobe\Adobe Bridge CS4\Bridge.exe" -stealth
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"PTHOSTTR"=c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
"File Sanitizer"=c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
"picon"="c:\program files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" /hide
"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
.
R2 0065941272830566mcinstcleanup;McAfee Application Installer Cleanup (0065941272830566);c:\users\GAMER-~1\AppData\Local\Temp\006594~1.EXE [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-13 136176]
R2 myAgtSvc;McAfee-Dienst zum Schutz vor Viren und Spyware;c:\program files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [2008-09-05 4352]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [2008-04-09 32256]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 FLCDLOCK;HP ProtectTools Gerätesperre/Überwachung;c:\windows\system32\flcdlock.exe [2008-04-21 349432]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-04-07 36608]
R3 MatSvc;Microsoft Fix it Supportcenter;c:\program files\Microsoft Fix it Center\Matsvc.exe [2010-11-16 267568]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-12-07 3988144]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-10-08 100560]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2010-06-08 31504]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-05-07 691696]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 FSLX;FSLX;c:\windows\system32\drivers\fslx.sys [2008-07-11 191872]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2010-10-08 143184]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2010-10-08 41936]
S2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [2007-11-27 185896]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASChannel;Lokaler Verbindungskanal;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-07-25 20480]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-06-23 77824]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-04-07 576024]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-11-30 2222376]
S2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2008-07-19 2054680]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6032.sys [2009-12-10 197800]
S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys [2007-01-25 265088]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-12-20 20952]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2010-10-08 111568]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork        REG_MULTI_SZ          PLA DPS BFE mpssvc
Cognizance        REG_MULTI_SZ          ASBroker ASChannel
LocalServiceAndNoImpersonation        REG_MULTI_SZ          FontCache
Akamai        REG_MULTI_SZ          Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2010-10-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-13 20:05]
.
2011-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-13 20:05]
.
2011-03-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3126018047-4160642244-3195430115-1001Core.job
- c:\users\Gamer-Pro\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-05 11:04]
.
2011-03-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3126018047-4160642244-3195430115-1001UA.job
- c:\users\Gamer-Pro\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-05 11:04]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://google.de/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=smb&pf=desktop
uInternet Settings,ProxyServer = http=;ftp=;https=;
uInternet Settings,ProxyOverride = fritz.box
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {4944924A-64E4-49C1-AC97-ABA3927262FE} - hxxp://channel.dontblynk.com/Launcher/StWbUsa.CAB
FF - ProfilePath - c:\users\Gamer-Pro\AppData\Roaming\Mozilla\Firefox\Profiles\1qbfj4l8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - SweetIM Search
FF - prefs.js: browser.startup.homepage - google.de
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 4.0 Beta 9\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Test Pilot: testpilot@labs.mozilla.com - %profile%\extensions\testpilot@labs.mozilla.com
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-03-18 21:30
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(4620)
c:\program files\Hewlett-Packard\IAM\Bin\ItClient.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\Sandboxie\SbieSvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\avmwlanstick\WlanNetService.exe
c:\program files\ActivIdentity\ActivClient\acevents.exe
c:\program files\Intel\AMT\LMS.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Hewlett-Packard\IAM\Bin\AsGHost.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-03-18  21:39:00 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-03-18 20:38
ComboFix2.txt  2011-03-17 21:29
.
Vor Suchlauf: 35 Verzeichnis(se), 39.060.578.304 Bytes frei
Nach Suchlauf: 36 Verzeichnis(se), 35.399.315.456 Bytes frei
.
- - End Of File - - 58FBD00E76F6AFE48CBD0E0FF00D8629
--- --- ---

cosinus 18.03.2011 22:12
Bitte führe mal dieses Tool von Kaspersky aus => http://www.trojaner-board.de/82358-t...entfernen.html

M1600wner 18.03.2011 23:11
Hier das Log von TDSS Killer.

Zitat:
2011/03/18 23:07:55.0293 5340 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/18 23:07:55.0713 5340 ================================================================================
2011/03/18 23:07:55.0713 5340 SystemInfo:
2011/03/18 23:07:55.0713 5340
2011/03/18 23:07:55.0713 5340 OS Version: 6.0.6002 ServicePack: 2.0
2011/03/18 23:07:55.0713 5340 Product type: Workstation
2011/03/18 23:07:55.0713 5340 ComputerName: GAMER-PRO-PC
2011/03/18 23:07:55.0714 5340 UserName: Gamer-Pro
2011/03/18 23:07:55.0714 5340 Windows directory: C:\Windows
2011/03/18 23:07:55.0714 5340 System windows directory: C:\Windows
2011/03/18 23:07:55.0714 5340 Processor architecture: Intel x86
2011/03/18 23:07:55.0714 5340 Number of processors: 2
2011/03/18 23:07:55.0714 5340 Page size: 0x1000
2011/03/18 23:07:55.0714 5340 Boot type: Normal boot
2011/03/18 23:07:55.0714 5340 ================================================================================
2011/03/18 23:08:00.0312 5340 Initialize success
2011/03/18 23:08:03.0609 5040 ================================================================================
2011/03/18 23:08:03.0609 5040 Scan started
2011/03/18 23:08:03.0609 5040 Mode: Manual;
2011/03/18 23:08:03.0609 5040 ================================================================================
2011/03/18 23:08:05.0130 5040 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2011/03/18 23:08:05.0189 5040 ADIHdAudAddService (776986e124156b586d2bd8bdf135dd30) C:\Windows\system32\drivers\ADIHdAud.sys
2011/03/18 23:08:05.0252 5040 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2011/03/18 23:08:05.0295 5040 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2011/03/18 23:08:05.0333 5040 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2011/03/18 23:08:05.0371 5040 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2011/03/18 23:08:05.0480 5040 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2011/03/18 23:08:05.0518 5040 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2011/03/18 23:08:05.0543 5040 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/03/18 23:08:05.0583 5040 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2011/03/18 23:08:05.0616 5040 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2011/03/18 23:08:05.0644 5040 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2011/03/18 23:08:05.0671 5040 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2011/03/18 23:08:05.0698 5040 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2011/03/18 23:08:05.0758 5040 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2011/03/18 23:08:05.0785 5040 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2011/03/18 23:08:05.0864 5040 aswFsBlk (1c2e6bb4fe8621b1b863855b02bc33eb) C:\Windows\system32\drivers\aswFsBlk.sys
2011/03/18 23:08:05.0920 5040 aswMonFlt (b0f137f664f10829cd2380b0e20e7c29) C:\Windows\system32\drivers\aswMonFlt.sys
2011/03/18 23:08:05.0944 5040 aswRdr (b6a9373619d851be80fb5f1b5eed0d4e) C:\Windows\system32\drivers\aswRdr.sys
2011/03/18 23:08:05.0971 5040 aswSnx (9be41c1ae8bc481eb662d85c98d979c2) C:\Windows\system32\drivers\aswSnx.sys
2011/03/18 23:08:06.0012 5040 aswSP (4b1a54ba2bc5873a774df6b70ab8b0b3) C:\Windows\system32\drivers\aswSP.sys
2011/03/18 23:08:06.0050 5040 aswTdi (c7f1cea32766184911293f4e1ee653f5) C:\Windows\system32\drivers\aswTdi.sys
2011/03/18 23:08:06.0110 5040 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/03/18 23:08:06.0153 5040 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2011/03/18 23:08:06.0188 5040 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
2011/03/18 23:08:06.0279 5040 avmeject (263cf9d248fd5e020a1333ed4f7eaa88) C:\Windows\system32\drivers\avmeject.sys
2011/03/18 23:08:06.0358 5040 b57nd60x (502f1c30bd50b32d00ce4dcaecc3d3c7) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/03/18 23:08:06.0526 5040 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/03/18 23:08:06.0603 5040 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2011/03/18 23:08:06.0664 5040 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2011/03/18 23:08:06.0705 5040 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/03/18 23:08:06.0759 5040 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/03/18 23:08:06.0819 5040 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/03/18 23:08:06.0861 5040 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/03/18 23:08:06.0930 5040 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/03/18 23:08:06.0955 5040 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/03/18 23:08:06.0980 5040 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/03/18 23:08:07.0106 5040 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/03/18 23:08:07.0150 5040 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2011/03/18 23:08:07.0182 5040 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2011/03/18 23:08:07.0225 5040 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2011/03/18 23:08:07.0273 5040 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2011/03/18 23:08:07.0326 5040 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
2011/03/18 23:08:07.0363 5040 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2011/03/18 23:08:07.0418 5040 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2011/03/18 23:08:07.0511 5040 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\Windows\system32\drivers\csc.sys
2011/03/18 23:08:07.0596 5040 DAMDrv (8c527985b06ebb114fee21391bf58ec3) C:\Windows\system32\DRIVERS\DAMDrv.sys
2011/03/18 23:08:07.0662 5040 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2011/03/18 23:08:07.0737 5040 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2011/03/18 23:08:07.0798 5040 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/03/18 23:08:07.0858 5040 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
2011/03/18 23:08:07.0947 5040 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/03/18 23:08:08.0012 5040 e1kexpress (d5f74c95f441091a3421cf20f4cef54e) C:\Windows\system32\DRIVERS\e1k6032.sys
2011/03/18 23:08:08.0309 5040 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2011/03/18 23:08:08.0390 5040 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2011/03/18 23:08:08.0452 5040 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
2011/03/18 23:08:08.0548 5040 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2011/03/18 23:08:08.0620 5040 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2011/03/18 23:08:08.0691 5040 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/03/18 23:08:08.0734 5040 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/03/18 23:08:08.0785 5040 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/03/18 23:08:08.0873 5040 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/03/18 23:08:08.0921 5040 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2011/03/18 23:08:08.0959 5040 FSLX (037b3ab349be884bb8cb9c5356e34717) C:\Windows\system32\drivers\fslx.sys
2011/03/18 23:08:09.0009 5040 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\Windows\system32\FsUsbExDisk.SYS
2011/03/18 23:08:09.0076 5040 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/03/18 23:08:09.0148 5040 FWLANUSB (ff12fa487265da2ac7de4be53f72ff1a) C:\Windows\system32\DRIVERS\fwlanusb.sys
2011/03/18 23:08:09.0195 5040 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2011/03/18 23:08:09.0256 5040 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
2011/03/18 23:08:09.0345 5040 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/03/18 23:08:09.0410 5040 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/03/18 23:08:09.0460 5040 HECI (e4a123ad734a3731d29ebd3a01b3e535) C:\Windows\system32\DRIVERS\HECI.sys
2011/03/18 23:08:09.0512 5040 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/03/18 23:08:09.0554 5040 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/03/18 23:08:09.0619 5040 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2011/03/18 23:08:09.0721 5040 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2011/03/18 23:08:09.0848 5040 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
2011/03/18 23:08:10.0035 5040 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2011/03/18 23:08:10.0247 5040 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/03/18 23:08:10.0345 5040 iaStor (707c1692214b1c290271067197f075f6) C:\Windows\system32\drivers\iastor.sys
2011/03/18 23:08:10.0521 5040 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2011/03/18 23:08:10.0811 5040 igfx (8266ae06df974e5ba047b3e9e9e70b3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
2011/03/18 23:08:11.0012 5040 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/03/18 23:08:11.0050 5040 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/03/18 23:08:11.0115 5040 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/03/18 23:08:11.0159 5040 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/03/18 23:08:11.0229 5040 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2011/03/18 23:08:11.0255 5040 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/03/18 23:08:11.0290 5040 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/03/18 23:08:11.0324 5040 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2011/03/18 23:08:11.0372 5040 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/03/18 23:08:11.0451 5040 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/03/18 23:08:11.0489 5040 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/03/18 23:08:11.0546 5040 ithsgt (b7a5fadf67136fda7e8f25303565b674) C:\Windows\system32\DRIVERS\ithsgt.sys
2011/03/18 23:08:11.0590 5040 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/03/18 23:08:11.0638 5040 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/03/18 23:08:11.0716 5040 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2011/03/18 23:08:11.0824 5040 lilsgt (16767ea492b5d140e1de3679a65eae74) C:\Windows\system32\DRIVERS\lilsgt.sys
2011/03/18 23:08:11.0873 5040 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/03/18 23:08:11.0934 5040 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/03/18 23:08:12.0024 5040 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2011/03/18 23:08:12.0083 5040 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2011/03/18 23:08:12.0135 5040 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2011/03/18 23:08:12.0185 5040 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/03/18 23:08:12.0269 5040 LVPr2Mon (1a7db7a00a4b0d8da24cd691a4547291) C:\Windows\system32\Drivers\LVPr2Mon.sys
2011/03/18 23:08:12.0350 5040 LVRS (a198cd8a1c813d9ceba29a29d45fc94c) C:\Windows\system32\DRIVERS\lvrs.sys
2011/03/18 23:08:12.0382 5040 LVUSBSta (8b79a50360fc31df6b7b979b686b4aa2) C:\Windows\system32\drivers\LVUSBSta.sys
2011/03/18 23:08:12.0545 5040 LVUVC (a240e42a7402e927a71b6e8aa4629b13) C:\Windows\system32\DRIVERS\lvuvc.sys
2011/03/18 23:08:12.0765 5040 MBAMProtector (836e0e09ca9869be7eb39ef2cf3602c7) C:\Windows\system32\drivers\mbam.sys
2011/03/18 23:08:12.0821 5040 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2011/03/18 23:08:12.0859 5040 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2011/03/18 23:08:12.0890 5040 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/03/18 23:08:12.0913 5040 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/03/18 23:08:12.0931 5040 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/03/18 23:08:12.0960 5040 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/03/18 23:08:12.0993 5040 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/03/18 23:08:13.0026 5040 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2011/03/18 23:08:13.0054 5040 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/03/18 23:08:13.0097 5040 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/03/18 23:08:13.0161 5040 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2011/03/18 23:08:13.0211 5040 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/03/18 23:08:13.0307 5040 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/03/18 23:08:13.0342 5040 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/03/18 23:08:13.0382 5040 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
2011/03/18 23:08:13.0415 5040 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2011/03/18 23:08:13.0457 5040 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/03/18 23:08:13.0483 5040 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/03/18 23:08:13.0539 5040 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/03/18 23:08:13.0598 5040 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/03/18 23:08:13.0637 5040 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/03/18 23:08:13.0704 5040 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2011/03/18 23:08:13.0750 5040 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/03/18 23:08:13.0786 5040 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/03/18 23:08:13.0819 5040 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2011/03/18 23:08:13.0883 5040 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2011/03/18 23:08:13.0926 5040 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2011/03/18 23:08:14.0016 5040 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/03/18 23:08:14.0050 5040 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/03/18 23:08:14.0097 5040 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/03/18 23:08:14.0141 5040 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/03/18 23:08:14.0170 5040 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/03/18 23:08:14.0260 5040 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2011/03/18 23:08:14.0341 5040 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/03/18 23:08:14.0449 5040 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2011/03/18 23:08:14.0504 5040 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/03/18 23:08:14.0594 5040 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2011/03/18 23:08:14.0674 5040 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/03/18 23:08:14.0711 5040 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/03/18 23:08:14.0790 5040 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2011/03/18 23:08:14.0831 5040 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2011/03/18 23:08:14.0912 5040 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2011/03/18 23:08:15.0023 5040 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2011/03/18 23:08:15.0095 5040 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
2011/03/18 23:08:15.0133 5040 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2011/03/18 23:08:15.0168 5040 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
2011/03/18 23:08:15.0207 5040 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/03/18 23:08:15.0242 5040 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2011/03/18 23:08:15.0270 5040 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
2011/03/18 23:08:15.0310 5040 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/03/18 23:08:15.0354 5040 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/03/18 23:08:15.0538 5040 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/03/18 23:08:15.0596 5040 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2011/03/18 23:08:15.0695 5040 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2011/03/18 23:08:15.0770 5040 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2011/03/18 23:08:15.0872 5040 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/03/18 23:08:15.0920 5040 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/03/18 23:08:15.0972 5040 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/03/18 23:08:16.0007 5040 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/03/18 23:08:16.0080 5040 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/03/18 23:08:16.0118 5040 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2011/03/18 23:08:16.0164 5040 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2011/03/18 23:08:16.0213 5040 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/03/18 23:08:16.0258 5040 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\DRIVERS\rdpdr.sys
2011/03/18 23:08:16.0279 5040 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/03/18 23:08:16.0320 5040 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2011/03/18 23:08:16.0421 5040 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/03/18 23:08:16.0501 5040 SbieDrv (0e37b22d506d09f349885049db34f0dc) C:\Program Files\Sandboxie\SbieDrv.sys
2011/03/18 23:08:16.0610 5040 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/03/18 23:08:16.0680 5040 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/03/18 23:08:16.0738 5040 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
2011/03/18 23:08:16.0805 5040 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
2011/03/18 23:08:16.0843 5040 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2011/03/18 23:08:16.0959 5040 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
2011/03/18 23:08:17.0011 5040 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2011/03/18 23:08:17.0060 5040 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
2011/03/18 23:08:17.0115 5040 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/03/18 23:08:17.0217 5040 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2011/03/18 23:08:17.0283 5040 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2011/03/18 23:08:17.0318 5040 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2011/03/18 23:08:17.0360 5040 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2011/03/18 23:08:17.0434 5040 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2011/03/18 23:08:17.0490 5040 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/03/18 23:08:17.0490 5040 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/03/18 23:08:17.0495 5040 sptd - detected Locked file (1)
2011/03/18 23:08:17.0525 5040 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys
2011/03/18 23:08:17.0572 5040 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys
2011/03/18 23:08:17.0619 5040 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys
2011/03/18 23:08:17.0739 5040 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2011/03/18 23:08:17.0791 5040 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/03/18 23:08:17.0856 5040 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/03/18 23:08:17.0916 5040 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/03/18 23:08:18.0034 5040 Tcpip (6a10afce0b38371064be41c1fbfd3c6b) C:\Windows\system32\drivers\tcpip.sys
2011/03/18 23:08:18.0168 5040 Tcpip6 (6a10afce0b38371064be41c1fbfd3c6b) C:\Windows\system32\DRIVERS\tcpip.sys
2011/03/18 23:08:18.0205 5040 tcpipreg (9bf343f4c878d6ad6922b2c5a4fefe0d) C:\Windows\system32\drivers\tcpipreg.sys
2011/03/18 23:08:18.0250 5040 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2011/03/18 23:08:18.0286 5040 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2011/03/18 23:08:18.0331 5040 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2011/03/18 23:08:18.0434 5040 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2011/03/18 23:08:18.0520 5040 TPM (cb258c2f726f1be73c507022be33ebb3) C:\Windows\system32\drivers\tpm.sys
2011/03/18 23:08:18.0616 5040 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/03/18 23:08:18.0665 5040 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2011/03/18 23:08:18.0706 5040 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2011/03/18 23:08:18.0757 5040 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2011/03/18 23:08:18.0820 5040 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2011/03/18 23:08:18.0942 5040 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2011/03/18 23:08:18.0991 5040 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2011/03/18 23:08:19.0047 5040 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/03/18 23:08:19.0100 5040 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/03/18 23:08:19.0147 5040 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2011/03/18 23:08:19.0211 5040 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
2011/03/18 23:08:19.0325 5040 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/03/18 23:08:19.0406 5040 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/03/18 23:08:19.0460 5040 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/03/18 23:08:19.0498 5040 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2011/03/18 23:08:19.0544 5040 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/03/18 23:08:19.0595 5040 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2011/03/18 23:08:19.0644 5040 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/03/18 23:08:19.0687 5040 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/03/18 23:08:19.0747 5040 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2011/03/18 23:08:19.0808 5040 VBoxDrv (9b7d30e837c80ec406676c0fe784107f) C:\Windows\system32\DRIVERS\VBoxDrv.sys
2011/03/18 23:08:19.0876 5040 VBoxNetAdp (e34cb1e4756b465cc832354162dfcef0) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
2011/03/18 23:08:19.0940 5040 VBoxNetFlt (c7519f03685f5d0291b233310bcf34b1) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
2011/03/18 23:08:19.0996 5040 VBoxUSB (7ae644eefa57f271bccafe825b486812) C:\Windows\system32\Drivers\VBoxUSB.sys
2011/03/18 23:08:20.0100 5040 VBoxUSBMon (a2229877303764021c088e6400b3e063) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
2011/03/18 23:08:20.0151 5040 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/03/18 23:08:20.0204 5040 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2011/03/18 23:08:20.0255 5040 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2011/03/18 23:08:20.0304 5040 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2011/03/18 23:08:20.0360 5040 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2011/03/18 23:08:20.0432 5040 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/03/18 23:08:20.0484 5040 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/03/18 23:08:20.0545 5040 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/03/18 23:08:20.0606 5040 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2011/03/18 23:08:20.0678 5040 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/03/18 23:08:20.0725 5040 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/18 23:08:20.0750 5040 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/18 23:08:20.0822 5040 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/03/18 23:08:20.0892 5040 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/03/18 23:08:21.0107 5040 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/03/18 23:08:21.0255 5040 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/03/18 23:08:21.0338 5040 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/03/18 23:08:21.0455 5040 ================================================================================
2011/03/18 23:08:21.0456 5040 Scan finished
2011/03/18 23:08:21.0456 5040 ================================================================================
2011/03/18 23:08:21.0463 4216 Detected object count: 1
2011/03/18 23:08:44.0085 4216 Locked file(sptd) - User select action: Skip

cosinus 19.03.2011 13:25
Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.


Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur einige Sekunden.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes

M1600wner 19.03.2011 16:31
GMER wollte nicht also hab ich es weggelassen. OSAM und MBR Check haben ihr Log brav ausgegeben.
OSAM:
OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 16:28:08 on 19.03.2011

OS: Windows Vista Business Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 3.6.15

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Bioscrypt Inc." - C:\Windows\System32\APSHook.dll
"AppInit_DLLs" - "Bioscrypt Inc." - C:\Windows\System32\APSHook.dll
"AppInit_DLLs" - "Bioscrypt Inc." - C:\Windows\System32\APSHook.dll
"AppInit_DLLs" - "Bioscrypt Inc." - C:\Windows\System32\APSHook.dll
"AppInit_DLLs" - "Bioscrypt Inc." - C:\Windows\system32\APSHook.dll

[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-3126018047-4160642244-3195430115-1001Core.job" - "Google Inc." - C:\Users\Gamer-Pro\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-3126018047-4160642244-3195430115-1001UA.job" - "Google Inc." - C:\Users\Gamer-Pro\AppData\Local\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Pando" - "Pando Networks" - C:\Program Files\Pando Networks\Media Booster\PMB.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\Windows\system32\drivers\aswFsBlk.sys
"aswMonFlt" (aswMonFlt) - "AVAST Software" - C:\Windows\system32\drivers\aswMonFlt.sys
"aswRdr" (aswRdr) - "AVAST Software" - C:\Windows\system32\drivers\aswRdr.sys
"aswSnx" (aswSnx) - "AVAST Software" - C:\Windows\system32\drivers\aswSnx.sys
"aswSP" (aswSP) - "AVAST Software" - C:\Windows\system32\drivers\aswSP.sys
"atca5ikv" (atca5ikv) - "Microsoft Corporation" - C:\Windows\system32\drivers\atca5ikv.sys  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys  (File found, but it contains no detailed information)
"avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\Windows\system32\drivers\aswTdi.sys
"AVM Eject" (avmeject) - "AVM Berlin" - C:\Windows\System32\drivers\avmeject.sys
"BDFsDrv" (BDFsDrv) - ? - C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys  (File not found)
"BDRsDrv" (BDRsDrv) - ? - C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys  (File not found)
"catchme" (catchme) - ? - C:\cofi.exe10029c\catchme.sys  (File not found)
"DAMDrv" (DAMDrv) - "Hewlett-Packard Development Company L.P." - C:\Windows\System32\DRIVERS\DAMDrv.sys
"EagleNT" (EagleNT) - ? - C:\Windows\system32\drivers\EagleNT.sys  (File not found)
"EagleXNt" (EagleXNt) - ? - C:\Windows\system32\drivers\EagleXNt.sys  (File not found)
"eamonm" (eamonm) - ? - C:\Windows\System32\DRIVERS\eamonm.sys  (File not found)
"FSLX" (FSLX) - "Altiris, Inc." - C:\Windows\system32\drivers\fslx.sys
"FsUsbExDisk" (FsUsbExDisk) - ? - C:\Windows\system32\FsUsbExDisk.SYS  (File found, but it contains no detailed information)
"Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\Windows\System32\DRIVERS\hamachi.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"ithsgt" (ithsgt) - ? - C:\Windows\System32\DRIVERS\ithsgt.sys  (File found, but it contains no detailed information)
"kgldruoc" (kgldruoc) - ? - C:\Users\GAMER-~1\AppData\Local\Temp\kgldruoc.sys  (Hidden registry entry, rootkit activity | File not found)
"lilsgt" (lilsgt) - ? - C:\Windows\System32\DRIVERS\lilsgt.sys  (File found, but it contains no detailed information)
"lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys  (File found, but it contains no detailed information)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"SbieDrv" (SbieDrv) - "SANDBOXIE L.T.D" - C:\Program Files\Sandboxie\SbieDrv.sys
"sptd" (sptd) - "Duplex Secure Ltd." - C:\Windows\System32\Drivers\sptd.sys  (File is exclusively opened, access blocked)
"VirtualBox USB" (VBoxUSB) - "Oracle Corporation" - C:\Windows\System32\Drivers\VBoxUSB.sys
"vtany" (vtany) - ? - C:\Windows\vtany.sys  (File not found)
"xhunter1" (xhunter1) - ? - C:\Windows\xhunter1.sys  (File not found)
"xspirit" (xspirit) - ? - C:\Users\GAMER-~1\AppData\Local\Temp\xspirit.sys  (File found, but it contains no detailed information)

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{BDEADF00-C265-11d0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} "Themes Setup" - "Microsoft Corporation" - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{9462A756-7B47-47BC-8C80-C34B9B80B32B} "BackWeb GA Pluggable Protocol" - "Logitech Inc." - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\ashShell.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{41E300E0-78B6-11ce-849B-444553540000} "Display Effects CPL Extension" - "Microsoft Corporation" - C:\Windows\system32\themeui.dll
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -  (File not found | COM-object registry key not found)
{59850401-6664-101B-B21C-00AA004BA90B} "Microsoft Office Binder Unbind" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office\1031\UNBIND.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Program Files\Real\RealPlayer\rpshell.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -  (File not found | COM-object registry key not found)
{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} "UnlockerShellExtension" - ? - C:\Program Files\Unlocker\UnlockerCOM.dll  (File found, but it contains no detailed information)
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{F9411A21-2B30-4B62-869E-FAFECA394FB3} "WinRezSh" - ? -  (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
<binary data> "midicase Toolbar" - "Conduit Ltd." - C:\Program Files\midicase\prxtbmidi.dll
<binary data> "{32099AAC-C132-4136-9E9A-4E364A424E17}" - ? -  (File not found | COM-object registry key not found)
<binary data> "{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} "MessengerStatsClient Class" - "Microsoft Corporation" - C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll / hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} "Office Genuine Advantage Validation Tool" - ? - C:\Windows\system32\OGACheckControl.DLL / hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash10i.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
{4944924A-64E4-49C1-AC97-ABA3927262FE} "StWbUsa Control" - "YNK" - C:\Windows\DOWNLO~1\StWbUsa.ocx / hxxp://channel.dontblynk.com/Launcher/StWbUsa.CAB
{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\Windows\system32\LegitCheckControl.DLL / hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "avast! WebRep" - ? - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
{30F9B915-B755-4826-820B-08FBA6BD249D} "Conduit Engine" - "Conduit Ltd." - C:\Program Files\ConduitEngine\prxConduitEngine.dll
{0BF43445-2F28-4351-9252-17FE6E806AA0} "McAfee SiteAdvisor" - ? -  (File not found | COM-object registry key not found)
{6d8d66f3-14fc-4736-a096-fac0ea66289c} "midicase Toolbar" - "Conduit Ltd." - C:\Program Files\midicase\prxtbmidi.dll
{29CF293A-1E7D-4069-9E11-E39698D0AF95} "QQ工具栏" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} "avast! WebRep" - ? - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
{3134413B-49B4-425C-98A5-893C1F195601} "BHO_Startup Class" - "Hewlett-Packard" - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
{30F9B915-B755-4826-820B-08FBA6BD249D} "Conduit Engine" - "Conduit Ltd." - C:\Program Files\ConduitEngine\prxConduitEngine.dll
{DF21F1DB-80C6-11D3-9483-B03D0EC10000} "Credential Manager for HP ProtectTools" - "Bioscrypt Inc." - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{6d8d66f3-14fc-4736-a096-fac0ea66289c} "midicase Toolbar" - "Conduit Ltd." - C:\Program Files\midicase\prxtbmidi.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Gamer-Pro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %SystemDrive%\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avast" - "AVAST Software" - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
"AVMWlanClient" - "AVM Berlin" - C:\Program Files\avmwlanstick\wlangui.exe
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"TrayServer" - "MAGIX AG" - C:\Program Files\MAGIX\Video_deluxe_17_Premium_Download-Version\TrayServer.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PDFC" - "PDF Complete, Inc." - C:\Windows\system32\pdfc_port.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Microsoft Fix it Center\MatsRes.dll,-9000" (MatSvc) - "Microsoft Corporation" - C:\Program Files\Microsoft Fix it Center\Matsvc.exe
"@%SystemRoot%\System32\shsvcs.dll,-12288" (ShellHWDetection) - "Microsoft Corporation" - C:\Windows\System32\shsvcs.dll
"@%SystemRoot%\System32\shsvcs.dll,-8192" (Themes) - "Microsoft Corporation" - C:\Windows\system32\shsvcs.dll
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"ActivClient Middleware Service" (accoca) - "ActivIdentity" - C:\Program Files\ActivIdentity\ActivClient\accoca.exe
"Akamai NetSession Interface" (Akamai) - ? - c:\program files\common files\akamai\netsession_win_d76cf65.dll  (File found, but it contains no detailed information)
"avast! Antivirus" (avast! Antivirus) - "AVAST Software" - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
"AVM WLAN Connection Service" (AVM WLAN Connection Service) - "AVM Berlin" - C:\Program Files\avmwlanstick\WlanNetService.exe
"FABS - Helping agent for MAGIX media database" (Fabs) - "MAGIX AG" - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
"File Sanitizer for HP ProtectTools" (HPFSService) - "Hewlett-Packard" - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
"Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
"FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Acresso Software Inc." - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"HP ProtectTools Gerätesperre/Überwachung" (FLCDLOCK) - "Hewlett-Packard Ltd" - C:\Windows\system32\flcdlock.exe
"HP ProtectTools Service" (HP ProtectTools Service) - "Hewlett-Packard Development Company, L.P" - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
"hpqwmiex" (hpqwmiex) - "Hewlett-Packard Development Company, L.P." - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
"Intel(R) Active Management Technology Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files\Intel\AMT\LMS.exe
"Intel(R) Active Management Technology User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
"LogMeIn Hamachi 2.0 Tunneling Engine" (Hamachi2Svc) - "LogMeIn Inc." - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
"Logon Session Broker" (ASBroker) - "Bioscrypt Inc." - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
"Lokaler Verbindungskanal" (ASChannel) - "Bioscrypt Inc." - C:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"McAfee Application Installer Cleanup (0065941272830566)" (0065941272830566mcinstcleanup) - ? - C:\Users\GAMER-~1\AppData\Local\Temp\006594~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service  (File not found)
"McAfee-Dienst zum Schutz vor Viren und Spyware" (myAgtSvc) - ? - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe /ServiceStart  (File not found)
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"nProtect GameGuard Service" (npggsvc) - "INCA Internet Co., Ltd." - C:\Windows\system32\GameMon.des
"PDF Document Manager" (pdfcDispatcher) - "PDF Complete Inc" - C:\Program Files\PDF Complete\pdfsvc.exe
"PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe  (File found, but it contains no detailed information)
"Process Monitor" (LVPrcSrv) - "Logitech Inc." - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
"Sandboxie Service" (SbieSvc) - "SANDBOXIE L.T.D" - C:\Program Files\Sandboxie\SbieSvc.exe
"ServiceLayer" (ServiceLayer) - "Nokia." - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe
"TeamViewer 6" (TeamViewer6) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winlogon]
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{8F51D94E-8B89-4844-B15C-9C049BA0F49F} "DLLName" - "Bioscrypt Inc." - C:\Program Files\Hewlett-Packard\IAM\Bin\ItVCard.dll
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"DeviceNP" - "Hewlett-Packard Limited" - C:\Windows\system32\DeviceNP.dll

===[ Logfile end ]=========================================[ Logfile end ]===
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru[/QUOTE]

MBR:

Zitat:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Business Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Compaq dc7900 Small Form Factor
Logical Drives Mask: 0x0000003c

Kernel Drivers (total 155):
0x82435000 \SystemRoot\system32\ntkrnlpa.exe
0x82402000 \SystemRoot\system32\hal.dll
0x80409000 \SystemRoot\system32\kdcom.dll
0x80410000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x80480000 \SystemRoot\system32\PSHED.dll
0x80491000 \SystemRoot\system32\BOOTVID.dll
0x80499000 \SystemRoot\system32\CLFS.SYS
0x804DA000 \SystemRoot\system32\CI.dll
0x8060B000 \SystemRoot\system32\drivers\Wdf01000.sys
0x8067C000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x8068A000 \SystemRoot\System32\Drivers\spea.sys
0x8077D000 \SystemRoot\System32\Drivers\WMILIB.SYS
0x80786000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
0x807AC000 \SystemRoot\system32\drivers\acpi.sys
0x807F2000 \SystemRoot\system32\drivers\msisadrv.sys
0x805BA000 \SystemRoot\system32\drivers\pci.sys
0x805E1000 \SystemRoot\System32\drivers\partmgr.sys
0x805F0000 \SystemRoot\system32\drivers\volmgr.sys
0x82A05000 \SystemRoot\System32\drivers\volmgrx.sys
0x82A4F000 \SystemRoot\system32\drivers\pciide.sys
0x82A56000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x82A64000 \SystemRoot\System32\drivers\mountmgr.sys
0x82A74000 \SystemRoot\system32\drivers\iastor.sys
0x82B4D000 \SystemRoot\system32\drivers\atapi.sys
0x82B55000 \SystemRoot\system32\drivers\ataport.SYS
0x82B73000 \SystemRoot\system32\drivers\fltmgr.sys
0x82BA5000 \SystemRoot\system32\drivers\fileinfo.sys
0x8B806000 \SystemRoot\System32\Drivers\ksecdd.sys
0x8B877000 \SystemRoot\system32\drivers\ndis.sys
0x8B982000 \SystemRoot\system32\drivers\msrpc.sys
0x8B9AD000 \SystemRoot\system32\drivers\NETIO.SYS
0x8BA0B000 \SystemRoot\System32\drivers\tcpip.sys
0x8BAF8000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8BC0E000 \SystemRoot\System32\Drivers\Ntfs.sys
0x8BD1E000 \SystemRoot\system32\drivers\volsnap.sys
0x8BD57000 \SystemRoot\System32\Drivers\spldr.sys
0x8BD5F000 \SystemRoot\System32\Drivers\mup.sys
0x8BD6E000 \SystemRoot\System32\drivers\ecache.sys
0x8BD95000 \SystemRoot\system32\drivers\disk.sys
0x8BDA6000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x8BDC7000 \SystemRoot\system32\drivers\crcdisk.sys
0x8BDDD000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8BDE8000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x90001000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
0x9091E000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x909BE000 \SystemRoot\System32\drivers\watchdog.sys
0x909CA000 \SystemRoot\system32\DRIVERS\HECI.sys
0x909D4000 \SystemRoot\system32\DRIVERS\serial.sys
0x909EE000 \SystemRoot\system32\DRIVERS\serenum.sys
0x82BB5000 \SystemRoot\system32\DRIVERS\e1k6032.sys
0x8BDF1000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8FA00000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8FA3E000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8FA4D000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8FADA000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8FAED000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8FAF8000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8FB03000 \SystemRoot\system32\DRIVERS\fdc.sys
0x8FB0E000 \SystemRoot\system32\drivers\tpm.sys
0x8FB1C000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8FB34000 \SystemRoot\System32\Drivers\atca5ikv.SYS
0x8FB6D000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8FB7C000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8FB85000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8FBB4000 \SystemRoot\system32\DRIVERS\storport.sys
0x8FBF5000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8B9E8000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8BC00000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x90C06000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x90C29000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x90C38000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x90C4C000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x90C61000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0x90CEA000 \SystemRoot\system32\DRIVERS\termdd.sys
0x90CFA000 \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys
0x90D14000 \SystemRoot\system32\DRIVERS\swenum.sys
0x90D16000 \SystemRoot\system32\DRIVERS\ks.sys
0x90D40000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x90D4A000 \SystemRoot\system32\DRIVERS\umbus.sys
0x90D57000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x90D8C000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x90E0D000 \SystemRoot\system32\drivers\ADIHdAud.sys
0x90E6F000 \SystemRoot\system32\drivers\portcls.sys
0x90E9C000 \SystemRoot\system32\drivers\drmk.sys
0x90EC1000 \SystemRoot\System32\Drivers\aswSnx.SYS
0x90F1F000 \SystemRoot\system32\DRIVERS\fwlanusb.sys
0x90F60000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x90F62000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x90F6B000 \SystemRoot\System32\Drivers\Null.SYS
0x90F72000 \SystemRoot\System32\Drivers\Beep.SYS
0x90F82000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x90F89000 \SystemRoot\System32\drivers\vga.sys
0x90F95000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x90FB6000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x90FBE000 \SystemRoot\system32\drivers\rdpencdd.sys
0x90FC6000 \SystemRoot\System32\Drivers\Msfs.SYS
0x90FD1000 \SystemRoot\System32\Drivers\Npfs.SYS
0x90FDF000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x90FE8000 \SystemRoot\system32\DRIVERS\tdx.sys
0x90E00000 \SystemRoot\System32\Drivers\aswTdi.SYS
0x90DA8000 \SystemRoot\system32\DRIVERS\smb.sys
0x90DBC000 \SystemRoot\System32\DRIVERS\netbt.sys
0x91402000 \SystemRoot\system32\drivers\afd.sys
0x9144A000 \SystemRoot\System32\Drivers\aswRdr.SYS
0x9144F000 \SystemRoot\system32\DRIVERS\pacer.sys
0x91465000 \SystemRoot\system32\DRIVERS\netbios.sys
0x91473000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x91486000 \SystemRoot\system32\DRIVERS\VBoxUSBMon.sys
0x9148F000 \SystemRoot\system32\DRIVERS\VBoxDrv.sys
0x914B1000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x914ED000 \SystemRoot\system32\drivers\nsiproxy.sys
0x914F7000 \??\C:\Windows\system32\drivers\fslx.sys
0x91526000 \SystemRoot\system32\drivers\csc.sys
0x91581000 \SystemRoot\System32\Drivers\dfsc.sys
0x91598000 \SystemRoot\System32\Drivers\aswSP.SYS
0x915E0000 \SystemRoot\System32\Drivers\crashdmp.sys
0x8BB13000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x9A010000 \SystemRoot\System32\win32k.sys
0x915ED000 \SystemRoot\System32\drivers\Dxapi.sys
0x90DEE000 \SystemRoot\system32\DRIVERS\monitor.sys
0x9A230000 \SystemRoot\System32\TSDDD.dll
0x9A250000 \SystemRoot\System32\cdd.dll
0x9A260000 \SystemRoot\System32\ATMFD.DLL
0xACE05000 \SystemRoot\system32\drivers\luafv.sys
0xACE20000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
0xACE58000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xACE5B000 \SystemRoot\system32\drivers\spsys.sys
0xACF0B000 \??\C:\Program Files\Sandboxie\SbieDrv.sys
0xACF2C000 \SystemRoot\system32\DRIVERS\lltdio.sys
0xACF3C000 \SystemRoot\system32\DRIVERS\nwifi.sys
0xACF66000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xACF70000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xACF83000 \SystemRoot\system32\drivers\HTTP.sys
0xB1004000 \SystemRoot\System32\DRIVERS\srvnet.sys
0xB1021000 \SystemRoot\system32\DRIVERS\bowser.sys
0xB103A000 \SystemRoot\System32\drivers\mpsdrv.sys
0xB104F000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB106E000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xB10A7000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xB10BF000 \SystemRoot\System32\DRIVERS\srv2.sys
0xB10E7000 \SystemRoot\System32\DRIVERS\srv.sys
0xB1135000 \SystemRoot\system32\DRIVERS\atksgt.sys
0xB1178000 \SystemRoot\system32\DRIVERS\ithsgt.sys
0xB11A0000 \SystemRoot\system32\DRIVERS\lilsgt.sys
0xB11A3000 \SystemRoot\system32\DRIVERS\lirsgt.sys
0xB260C000 \SystemRoot\system32\drivers\peauth.sys
0xB26EA000 \SystemRoot\System32\Drivers\secdrv.SYS
0xB26F4000 \SystemRoot\System32\drivers\tcpipreg.sys
0xB2700000 \SystemRoot\system32\Drivers\LVPr2Mon.sys
0xB2705000 \SystemRoot\system32\DRIVERS\cdfs.sys
0xB271B000 \??\C:\Windows\system32\drivers\mbam.sys
0xB271F000 \??\C:\Users\GAMER-~1\AppData\Local\Temp\xspirit.sys
0xB27AE000 \??\C:\Users\GAMER-~1\AppData\Local\Temp\kgldruoc.sys
0x77C20000 \Windows\System32\ntdll.dll
0x10000000 \Program Files\DAEMON Tools Lite\Engine.dll

Processes (total 65):
0 System Idle Process
4 System
600 C:\Windows\System32\smss.exe
668 csrss.exe
712 C:\Windows\System32\wininit.exe
724 csrss.exe
756 C:\Windows\System32\services.exe
772 C:\Windows\System32\lsass.exe
796 C:\Windows\System32\winlogon.exe
816 C:\Windows\System32\lsm.exe
996 C:\Windows\System32\svchost.exe
1052 C:\Windows\System32\svchost.exe
1080 C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
1120 C:\Windows\System32\svchost.exe
1248 C:\Windows\System32\svchost.exe
1284 C:\Windows\System32\svchost.exe
1324 C:\Windows\System32\svchost.exe
1416 C:\Windows\System32\audiodg.exe
1448 C:\Windows\System32\svchost.exe
1508 C:\Windows\System32\SLsvc.exe
1588 C:\Windows\System32\svchost.exe
1704 C:\Program Files\Sandboxie\SbieSvc.exe
1824 C:\Windows\System32\svchost.exe
1948 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1336 C:\Windows\System32\taskeng.exe
1408 C:\Windows\System32\spoolsv.exe
1676 C:\Windows\System32\svchost.exe
2136 C:\Program Files\ActivIdentity\ActivClient\accoca.exe
2168 C:\Windows\System32\AEADISRV.EXE
2220 C:\Windows\System32\svchost.exe
2240 C:\Program Files\ActivIdentity\ActivClient\acevents.exe
2248 C:\Program Files\avmwlanstick\WLanNetService.exe
2376 C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
2524 C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
2552 C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
2616 C:\Program Files\Intel\AMT\LMS.exe
2640 C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
2680 C:\Program Files\PDF Complete\pdfsvc.exe
2724 C:\Windows\System32\PnkBstrA.exe
2784 C:\Windows\System32\svchost.exe
2812 C:\Windows\System32\svchost.exe
2924 C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
2944 C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
3000 C:\Windows\System32\svchost.exe
3028 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
3324 C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
3336 WmiPrvSE.exe
3660 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
3816 C:\Windows\System32\taskeng.exe
2624 C:\Windows\System32\dwm.exe
2856 C:\Windows\explorer.exe
3600 C:\Program Files\Analog Devices\Core\smax4pnp.exe
2420 C:\Program Files\Windows Media Player\wmpnscfg.exe
1716 C:\Program Files\avmwlanstick\WLanGUI.exe
1236 C:\Program Files\Common Files\Java\Java Update\jusched.exe
2892 C:\Program Files\Windows Media Player\wmpnetwk.exe
4428 C:\Windows\System32\svchost.exe
5092 C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
4196 C:\Program Files\Mozilla Firefox\firefox.exe
4284 WmiPrvSE.exe
4800 C:\Program Files\Mozilla Firefox\plugin-container.exe
5008 dllhost.exe
4052 dllhost.exe
5460 C:\Users\Gamer-Pro\Downloads\MBRCheck.exe
4472 C:\Windows\System32\conime.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000039`bba00000 (NTFS)

PhysicalDrive0 Model Number: ST3250310AS, Rev: 3.AHC

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: C494D0E68EC43BD90D507D7433A09349C3E569C8


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

cosinus 19.03.2011 20:41
Zitat:
"EagleNT" (EagleNT) - ? - C:\Windows\system32\drivers\EagleNT.sys (File not found)
"EagleXNt" (EagleXNt) - ? - C:\Windows\system32\drivers\EagleXNt.sys (File not found)
"eamonm" (eamonm) - ? - C:\Windows\System32\DRIVERS\eamonm.sys (File not found)
"ithsgt" (ithsgt) - ? - C:\Windows\System32\DRIVERS\ithsgt.sys (File found, but it contains no detailed information)
"vtany" (vtany) - ? - C:\Windows\vtany.sys (File not found)
"xhunter1" (xhunter1) - ? - C:\Windows\xhunter1.sys (File not found)
"xspirit" (xspirit) - ? - C:\Users\GAMER-~1\AppData\Local\Temp\xspirit.sys (File found, but it contains no detailed information)
Diese Einträge bitte mit OSAM deaktivieren und entfernen (delete from storage)

M1600wner 19.03.2011 22:56
Habs gemacht. Bin aber nicht sicher, ob die einträge jetzt auch weg sind.

OSAM Logfile:
Code:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 22:55:28 on 19.03.2011

OS: Windows Vista Business Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Mozilla Corporation Firefox 3.6.15

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Bioscrypt Inc." - C:\Windows\System32\APSHook.dll
"AppInit_DLLs" - "Bioscrypt Inc." - C:\Windows\System32\APSHook.dll
"AppInit_DLLs" - "Bioscrypt Inc." - C:\Windows\System32\APSHook.dll
"AppInit_DLLs" - "Bioscrypt Inc." - C:\Windows\System32\APSHook.dll
"AppInit_DLLs" - "Bioscrypt Inc." - C:\Windows\system32\APSHook.dll

[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-3126018047-4160642244-3195430115-1001Core.job" - "Google Inc." - C:\Users\Gamer-Pro\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-3126018047-4160642244-3195430115-1001UA.job" - "Google Inc." - C:\Users\Gamer-Pro\AppData\Local\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Pando" - "Pando Networks" - C:\Program Files\Pando Networks\Media Booster\PMB.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\Windows\system32\drivers\aswFsBlk.sys
"aswMonFlt" (aswMonFlt) - "AVAST Software" - C:\Windows\system32\drivers\aswMonFlt.sys
"aswRdr" (aswRdr) - "AVAST Software" - C:\Windows\system32\drivers\aswRdr.sys
"aswSnx" (aswSnx) - "AVAST Software" - C:\Windows\system32\drivers\aswSnx.sys
"aswSP" (aswSP) - "AVAST Software" - C:\Windows\system32\drivers\aswSP.sys
"atca5ikv" (atca5ikv) - "Microsoft Corporation" - C:\Windows\system32\drivers\atca5ikv.sys  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys  (File found, but it contains no detailed information)
"avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\Windows\system32\drivers\aswTdi.sys
"AVM Eject" (avmeject) - "AVM Berlin" - C:\Windows\System32\drivers\avmeject.sys
"BDFsDrv" (BDFsDrv) - ? - C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys  (File not found)
"BDRsDrv" (BDRsDrv) - ? - C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys  (File not found)
"catchme" (catchme) - ? - C:\cofi.exe10029c\catchme.sys  (File not found)
"DAMDrv" (DAMDrv) - "Hewlett-Packard Development Company L.P." - C:\Windows\System32\DRIVERS\DAMDrv.sys
"FSLX" (FSLX) - "Altiris, Inc." - C:\Windows\system32\drivers\fslx.sys
"FsUsbExDisk" (FsUsbExDisk) - ? - C:\Windows\system32\FsUsbExDisk.SYS  (File found, but it contains no detailed information)
"Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\Windows\System32\DRIVERS\hamachi.sys
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"kgldruoc" (kgldruoc) - ? - C:\Users\GAMER-~1\AppData\Local\Temp\kgldruoc.sys  (Hidden registry entry, rootkit activity | File not found)
"lilsgt" (lilsgt) - ? - C:\Windows\System32\DRIVERS\lilsgt.sys  (File found, but it contains no detailed information)
"lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys  (File found, but it contains no detailed information)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"SbieDrv" (SbieDrv) - "SANDBOXIE L.T.D" - C:\Program Files\Sandboxie\SbieDrv.sys
"sptd" (sptd) - "Duplex Secure Ltd." - C:\Windows\System32\Drivers\sptd.sys  (File is exclusively opened, access blocked)
"VirtualBox USB" (VBoxUSB) - "Oracle Corporation" - C:\Windows\System32\Drivers\VBoxUSB.sys
"XDva384" (XDva384) - ? - C:\Windows\system32\XDva384.sys  (File not found)

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{BDEADF00-C265-11d0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} "Themes Setup" - "Microsoft Corporation" - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{9462A756-7B47-47BC-8C80-C34B9B80B32B} "BackWeb GA Pluggable Protocol" - "Logitech Inc." - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\ashShell.dll
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{41E300E0-78B6-11ce-849B-444553540000} "Display Effects CPL Extension" - "Microsoft Corporation" - C:\Windows\system32\themeui.dll
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -  (File not found | COM-object registry key not found)
{59850401-6664-101B-B21C-00AA004BA90B} "Microsoft Office Binder Unbind" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~3\Office\1031\UNBIND.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Program Files\Real\RealPlayer\rpshell.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -  (File not found | COM-object registry key not found)
{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} "UnlockerShellExtension" - ? - C:\Program Files\Unlocker\UnlockerCOM.dll  (File found, but it contains no detailed information)
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{F9411A21-2B30-4B62-869E-FAFECA394FB3} "WinRezSh" - ? -  (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
<binary data> "midicase Toolbar" - "Conduit Ltd." - C:\Program Files\midicase\prxtbmidi.dll
<binary data> "{32099AAC-C132-4136-9E9A-4E364A424E17}" - ? -  (File not found | COM-object registry key not found)
<binary data> "{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_24" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_24.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
{C3F79A2B-B9B4-4A66-B012-3EE46475B072} "MessengerStatsClient Class" - "Microsoft Corporation" - C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll / hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} "Office Genuine Advantage Validation Tool" - ? - C:\Windows\system32\OGACheckControl.DLL / hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash10i.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
{4944924A-64E4-49C1-AC97-ABA3927262FE} "StWbUsa Control" - "YNK" - C:\Windows\DOWNLO~1\StWbUsa.ocx / hxxp://channel.dontblynk.com/Launcher/StWbUsa.CAB
{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\Windows\system32\LegitCheckControl.DLL / hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "avast! WebRep" - ? - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
{30F9B915-B755-4826-820B-08FBA6BD249D} "Conduit Engine" - "Conduit Ltd." - C:\Program Files\ConduitEngine\prxConduitEngine.dll
{0BF43445-2F28-4351-9252-17FE6E806AA0} "McAfee SiteAdvisor" - ? -  (File not found | COM-object registry key not found)
{6d8d66f3-14fc-4736-a096-fac0ea66289c} "midicase Toolbar" - "Conduit Ltd." - C:\Program Files\midicase\prxtbmidi.dll
{29CF293A-1E7D-4069-9E11-E39698D0AF95} "QQ工具栏" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} "avast! WebRep" - ? - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
{3134413B-49B4-425C-98A5-893C1F195601} "BHO_Startup Class" - "Hewlett-Packard" - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
{30F9B915-B755-4826-820B-08FBA6BD249D} "Conduit Engine" - "Conduit Ltd." - C:\Program Files\ConduitEngine\prxConduitEngine.dll
{DF21F1DB-80C6-11D3-9483-B03D0EC10000} "Credential Manager for HP ProtectTools" - "Bioscrypt Inc." - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{6d8d66f3-14fc-4736-a096-fac0ea66289c} "midicase Toolbar" - "Conduit Ltd." - C:\Program Files\midicase\prxtbmidi.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Gamer-Pro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %SystemDrive%\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"GamersFirst LIVE!.lnk" - "GamersFirst" - C:\Program Files\GamersFirst\LIVE!\Live.exe  (Shortcut exists | File exists)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avast" - "AVAST Software" - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
"AVMWlanClient" - "AVM Berlin" - C:\Program Files\avmwlanstick\wlangui.exe
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"TrayServer" - "MAGIX AG" - C:\Program Files\MAGIX\Video_deluxe_17_Premium_Download-Version\TrayServer.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PDFC" - "PDF Complete, Inc." - C:\Windows\system32\pdfc_port.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Microsoft Fix it Center\MatsRes.dll,-9000" (MatSvc) - "Microsoft Corporation" - C:\Program Files\Microsoft Fix it Center\Matsvc.exe
"@%SystemRoot%\System32\shsvcs.dll,-12288" (ShellHWDetection) - "Microsoft Corporation" - C:\Windows\System32\shsvcs.dll
"@%SystemRoot%\System32\shsvcs.dll,-8192" (Themes) - "Microsoft Corporation" - C:\Windows\system32\shsvcs.dll
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"ActivClient Middleware Service" (accoca) - "ActivIdentity" - C:\Program Files\ActivIdentity\ActivClient\accoca.exe
"Akamai NetSession Interface" (Akamai) - ? - c:\program files\common files\akamai\netsession_win_d76cf65.dll  (File found, but it contains no detailed information)
"avast! Antivirus" (avast! Antivirus) - "AVAST Software" - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
"AVM WLAN Connection Service" (AVM WLAN Connection Service) - "AVM Berlin" - C:\Program Files\avmwlanstick\WlanNetService.exe
"FABS - Helping agent for MAGIX media database" (Fabs) - "MAGIX AG" - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
"File Sanitizer for HP ProtectTools" (HPFSService) - "Hewlett-Packard" - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
"Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
"FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Acresso Software Inc." - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"HP ProtectTools Gerätesperre/Überwachung" (FLCDLOCK) - "Hewlett-Packard Ltd" - C:\Windows\system32\flcdlock.exe
"HP ProtectTools Service" (HP ProtectTools Service) - "Hewlett-Packard Development Company, L.P" - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
"hpqwmiex" (hpqwmiex) - "Hewlett-Packard Development Company, L.P." - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
"Intel(R) Active Management Technology Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files\Intel\AMT\LMS.exe
"Intel(R) Active Management Technology User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
"LogMeIn Hamachi 2.0 Tunneling Engine" (Hamachi2Svc) - "LogMeIn Inc." - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
"Logon Session Broker" (ASBroker) - "Bioscrypt Inc." - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
"Lokaler Verbindungskanal" (ASChannel) - "Bioscrypt Inc." - C:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
"McAfee Application Installer Cleanup (0065941272830566)" (0065941272830566mcinstcleanup) - ? - C:\Users\GAMER-~1\AppData\Local\Temp\006594~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service  (File not found)
"McAfee-Dienst zum Schutz vor Viren und Spyware" (myAgtSvc) - ? - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe /ServiceStart  (File not found)
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"nProtect GameGuard Service" (npggsvc) - "INCA Internet Co., Ltd." - C:\Windows\system32\GameMon.des
"PDF Document Manager" (pdfcDispatcher) - "PDF Complete Inc" - C:\Program Files\PDF Complete\pdfsvc.exe
"PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe  (File found, but it contains no detailed information)
"Process Monitor" (LVPrcSrv) - "Logitech Inc." - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
"Sandboxie Service" (SbieSvc) - "SANDBOXIE L.T.D" - C:\Program Files\Sandboxie\SbieSvc.exe
"ServiceLayer" (ServiceLayer) - "Nokia." - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe
"TeamViewer 6" (TeamViewer6) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winlogon]
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{8F51D94E-8B89-4844-B15C-9C049BA0F49F} "DLLName" - "Bioscrypt Inc." - C:\Program Files\Hewlett-Packard\IAM\Bin\ItVCard.dll
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"DeviceNP" - "Hewlett-Packard Limited" - C:\Windows\system32\DeviceNP.dll

===[ Logfile end ]=========================================[ Logfile end ]===
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru[/QUOTE]

cosinus 20.03.2011 12:24
Sieht schonmal besser aus. Wie ist es jetzt um deinen Rechner bestellt?

M1600wner 21.03.2011 17:26
Das Problem mit dem IE9 ist immernoch gleich.

cosinus 21.03.2011 18:22
Deinstalliere den IE9 bitte erstmal, dass du wieder den IE8 hast. mach das, teste und berichte.

M1600wner 21.03.2011 20:59
Ich schreibe hier jetzt gerade, vom IE8. (Läuft also alles einwandfrei.) - Sollte ich nicht vielleicht versuchen, den IE8 zu deinstallieren, und dann den IE9 draufzuspielen?

cosinus 21.03.2011 21:20
Warte mit dem IE9 erstmal etwas ab. Die neuste Software ist nicht unbedingt immer die beste.

M1600wner 21.03.2011 21:22
Zitat:
Zitat von cosinus (Beitrag 631675)
Warte mit dem IE9 erstmal etwas ab. Die neuste Software ist nicht unbedingt immer die beste.
Naja. - Aber Nicht aktuelle Software ist auch nicht gerade das wahre, was Sicherheitslücken und so betrifft. :lach:


Alle Zeitangaben in WEZ +1. Es ist jetzt 23:47 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58