Trojaner-Board - Google leitet Link um

Combofix Logfile:

Code:

ComboFix 11-06-05.02 - steffen 05.06.2011  21:44:39.1.2 - x64

Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.4094.2705 [GMT 2:00]

ausgeführt von:: c:\users\steffen\Desktop\Cofi.exe

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((   Dateien erstellt von 2011-05-05 bis 2011-06-05  ))))))))))))))))))))))))))))))

.

.

2011-06-05 19:48 . 2011-06-05 19:48        --------        d-----w-        c:\users\Default\AppData\Local\temp

2011-06-05 18:31 . 2011-06-05 18:31        --------        d-----w-        c:\program files (x86)\Mozilla Thunderbird

2011-06-05 18:14 . 2010-09-14 06:45        367104        ----a-w-        c:\windows\system32\wcncsvc.dll

2011-06-05 18:14 . 2010-09-14 06:07        276992        ----a-w-        c:\windows\SysWow64\wcncsvc.dll

2011-06-05 18:06 . 2009-09-10 06:28        311808        ----a-w-        c:\windows\system32\msv1_0.dll

2011-06-05 18:06 . 2009-09-10 05:52        257024        ----a-w-        c:\windows\SysWow64\msv1_0.dll

2011-06-05 17:53 . 2010-02-23 08:16        294912        ----a-w-        c:\windows\system32\browserchoice.exe

2011-06-05 17:45 . 2010-03-04 04:40        184832        ----a-w-        c:\windows\system32\drivers\usbvideo.sys

2011-06-05 17:45 . 2010-03-04 04:32        243712        ----a-w-        c:\windows\system32\drivers\ks.sys

2011-06-04 22:00 . 2011-05-24 17:12        8718160        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{57C9CC83-3BE4-4AEA-BABB-DD3CF61AD192}\mpengine.dll

2011-06-04 21:43 . 2009-12-11 10:29        153160        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys

2011-06-04 21:43 . 2009-12-11 09:24        1446912        ----a-w-        c:\windows\system32\lsasrv.dll

2011-06-04 21:43 . 2009-12-11 07:39        22016        ----a-w-        c:\windows\SysWow64\secur32.dll

2011-06-04 21:43 . 2009-12-11 07:36        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll

2011-06-04 21:40 . 2010-09-01 05:14        167424        ----a-w-        c:\program files\Windows Media Player\wmplayer.exe

2011-06-04 21:40 . 2010-09-01 04:26        164864        ----a-w-        c:\program files (x86)\Windows Media Player\wmplayer.exe

2011-06-04 21:40 . 2010-09-01 05:12        12625920        ----a-w-        c:\windows\system32\wmploc.DLL

2011-06-04 21:40 . 2010-09-01 04:23        12625408        ----a-w-        c:\windows\SysWow64\wmploc.DLL

2011-06-04 21:40 . 2010-12-18 06:11        714752        ----a-w-        c:\windows\system32\kerberos.dll

2011-06-04 21:40 . 2010-12-18 05:29        541184        ----a-w-        c:\windows\SysWow64\kerberos.dll

2011-06-04 21:40 . 2010-03-05 07:52        84992        ----a-w-        c:\windows\system32\asycfilt.dll

2011-06-04 21:40 . 2010-03-05 07:42        67584        ----a-w-        c:\windows\SysWow64\asycfilt.dll

2011-06-04 21:40 . 2010-10-27 05:06        2048        ----a-w-        c:\windows\system32\tzres.dll

2011-06-04 21:40 . 2010-10-27 04:32        2048        ----a-w-        c:\windows\SysWow64\tzres.dll

2011-06-04 21:39 . 2011-02-26 06:23        2870272        ----a-w-        c:\windows\explorer.exe

2011-06-04 21:38 . 2010-12-23 06:07        961024        ----a-w-        c:\windows\system32\CPFilters.dll

2011-06-04 21:38 . 2010-12-23 06:07        723968        ----a-w-        c:\windows\system32\EncDec.dll

2011-06-04 21:38 . 2010-12-23 06:07        1118720        ----a-w-        c:\windows\system32\sbe.dll

2011-06-04 21:38 . 2010-12-23 06:02        259072        ----a-w-        c:\windows\system32\mpg2splt.ax

2011-06-04 21:38 . 2010-12-23 05:28        642048        ----a-w-        c:\windows\SysWow64\CPFilters.dll

2011-06-04 21:38 . 2010-12-23 05:28        534528        ----a-w-        c:\windows\SysWow64\EncDec.dll

2011-06-04 21:38 . 2010-12-23 05:28        850432        ----a-w-        c:\windows\SysWow64\sbe.dll

2011-06-04 21:38 . 2010-12-23 05:24        199680        ----a-w-        c:\windows\SysWow64\mpg2splt.ax

2011-06-04 21:37 . 2010-08-26 04:39        109056        ----a-w-        c:\windows\SysWow64\t2embed.dll

2011-06-04 21:37 . 2010-10-19 08:10        7680        ----a-w-        c:\program files (x86)\Internet Explorer\iecompat.dll

2011-06-04 21:37 . 2010-06-29 05:35        4582912        ----a-w-        c:\program files\Windows NT\Accessories\wordpad.exe

2011-06-04 21:37 . 2010-06-29 05:39        2085376        ----a-w-        c:\windows\system32\ole32.dll

2011-06-04 21:37 . 2010-06-29 05:02        1413632        ----a-w-        c:\windows\SysWow64\ole32.dll

2011-06-04 21:36 . 2010-11-02 05:17        1169408        ----a-w-        c:\windows\system32\taskschd.dll

2011-06-04 21:36 . 2010-11-02 05:16        1114624        ----a-w-        c:\windows\system32\schedsvc.dll

2011-06-04 21:36 . 2010-11-02 05:10        464384        ----a-w-        c:\windows\system32\taskeng.exe

2011-06-04 21:36 . 2010-11-02 05:10        285696        ----a-w-        c:\windows\system32\schtasks.exe

2011-06-04 21:36 . 2010-11-02 04:40        496128        ----a-w-        c:\windows\SysWow64\taskschd.dll

2011-06-04 21:36 . 2010-11-02 04:40        305152        ----a-w-        c:\windows\SysWow64\taskcomp.dll

2011-06-04 21:36 . 2010-11-02 04:34        192000        ----a-w-        c:\windows\SysWow64\taskeng.exe

2011-06-04 21:36 . 2010-11-02 04:34        179712        ----a-w-        c:\windows\SysWow64\schtasks.exe

2011-06-04 21:36 . 2010-05-05 07:37        483840        ----a-w-        c:\windows\system32\StructuredQuery.dll

2011-06-04 21:36 . 2010-05-05 06:46        363520        ----a-w-        c:\windows\SysWow64\StructuredQuery.dll

2011-06-04 21:36 . 2009-09-03 07:36        1975296        ----a-w-        c:\windows\system32\CertEnroll.dll

2011-06-04 21:36 . 2009-09-03 07:04        1320960        ----a-w-        c:\windows\SysWow64\CertEnroll.dll

2011-06-04 21:33 . 2010-03-04 07:57        2080256        ----a-w-        c:\program files\Windows Mail\msoe.dll

2011-06-04 21:33 . 2010-03-04 07:33        1619968        ----a-w-        c:\program files (x86)\Windows Mail\msoe.dll

2011-06-04 21:33 . 2010-08-04 07:07        552960        ----a-w-        c:\windows\system32\msdri.dll

2011-06-04 21:33 . 2010-08-04 07:05        288256        ----a-w-        c:\windows\system32\MSNP.ax

2011-06-04 21:33 . 2010-08-04 06:15        204288        ----a-w-        c:\windows\SysWow64\MSNP.ax

2011-06-04 21:30 . 2010-06-14 06:37        1896832        ----a-w-        c:\windows\system32\drivers\tcpip.sys

2011-06-04 21:30 . 2011-02-24 06:30        476160        ----a-w-        c:\windows\system32\XpsGdiConverter.dll

2011-06-04 21:30 . 2011-02-24 05:32        288256        ----a-w-        c:\windows\SysWow64\XpsGdiConverter.dll

2011-06-04 21:30 . 2010-08-21 06:36        340992        ----a-w-        c:\windows\system32\schannel.dll

2011-06-04 21:30 . 2010-08-21 05:36        224256        ----a-w-        c:\windows\SysWow64\schannel.dll

2011-06-04 21:30 . 2010-08-21 06:31        633856        ----a-w-        c:\windows\system32\comctl32.dll

2011-06-04 21:30 . 2011-02-18 06:37        612352        ----a-w-        c:\windows\system32\vbscript.dll

2011-06-04 21:30 . 2011-02-18 05:36        428032        ----a-w-        c:\windows\SysWow64\vbscript.dll

2011-06-04 21:28 . 2009-12-22 08:36        243200        ----a-w-        c:\windows\system32\wow64.dll

2011-06-04 21:27 . 2011-02-24 06:29        1197056        ----a-w-        c:\windows\system32\wininet.dll

2011-06-04 21:24 . 2010-12-21 06:16        214016        ----a-w-        c:\windows\system32\winsrv.dll

2011-06-04 21:23 . 2010-10-16 05:19        395776        ----a-w-        c:\windows\system32\webio.dll

2011-06-04 21:23 . 2010-10-16 04:36        314368        ----a-w-        c:\windows\SysWow64\webio.dll

2011-06-04 21:23 . 2011-04-22 20:18        27008        ----a-w-        c:\windows\system32\drivers\Diskdump.sys

2011-06-04 21:23 . 2010-07-29 06:30        82944        ----a-w-        c:\windows\SysWow64\iccvid.dll

2011-06-04 21:23 . 2009-09-26 06:20        223448        ----a-w-        c:\windows\system32\drivers\fvevol.sys

2011-06-04 21:23 . 2011-03-03 06:17        182272        ----a-w-        c:\windows\system32\dnsrslvr.dll

2011-06-04 21:23 . 2011-03-03 06:14        30208        ----a-w-        c:\windows\system32\dnscacheugc.exe

2011-06-04 21:21 . 2010-10-27 05:16        1739176        ----a-w-        c:\windows\system32\ntdll.dll

2011-06-04 21:21 . 2010-10-27 04:40        1293120        ----a-w-        c:\windows\SysWow64\ntdll.dll

2011-06-04 21:21 . 2011-03-08 06:14        976896        ----a-w-        c:\windows\system32\inetcomm.dll

2011-06-04 21:21 . 2010-10-12 05:05        35328        ----a-w-        c:\program files\Windows Mail\wabfind.dll

2011-06-04 21:21 . 2010-10-12 05:00        516096        ----a-w-        c:\program files\Windows Mail\wab.exe

2011-06-04 21:21 . 2010-10-12 04:25        516096        ----a-w-        c:\program files (x86)\Windows Mail\wab.exe

2011-06-04 21:13 . 2011-02-23 05:15        157696        ----a-w-        c:\windows\system32\drivers\mrxsmb.sys

2011-06-04 20:05 . 2010-12-18 06:12        3138048        ----a-w-        c:\windows\system32\mstscax.dll

2011-06-04 20:05 . 2010-12-18 06:08        1097216        ----a-w-        c:\windows\system32\mstsc.exe

2011-06-04 20:05 . 2010-12-18 05:30        2690560        ----a-w-        c:\windows\SysWow64\mstscax.dll

2011-06-04 20:05 . 2010-12-18 05:26        1034240        ----a-w-        c:\windows\SysWow64\mstsc.exe

2011-06-03 21:57 . 2011-06-04 22:43        --------        d-----w-        c:\program files (x86)\7-Zip

2011-06-03 21:47 . 2010-06-29 04:57        4247040        ----a-w-        c:\program files (x86)\Windows NT\Accessories\wordpad.exe

2011-06-03 21:47 . 2010-11-02 05:18        524288        ----a-w-        c:\windows\system32\wmicmiplugin.dll

2011-06-03 21:47 . 2010-11-02 05:17        473600        ----a-w-        c:\windows\system32\taskcomp.dll

2011-06-03 21:45 . 2010-08-21 05:33        530432        ----a-w-        c:\windows\SysWow64\comctl32.dll

2011-06-03 21:41 . 2010-11-02 05:12        197120        ----a-w-        c:\windows\system32\d3d10_1.dll

2011-06-03 21:41 . 2010-11-02 04:41        135168        ----a-w-        c:\windows\SysWow64\XpsRasterService.dll

2011-06-03 21:41 . 2010-11-02 04:35        161792        ----a-w-        c:\windows\SysWow64\d3d10_1.dll

2011-06-03 21:41 . 2011-03-03 05:27        28672        ----a-w-        c:\windows\SysWow64\dnscacheugc.exe

2011-06-03 21:41 . 2010-08-21 05:36        738816        ----a-w-        c:\windows\SysWow64\wmpmde.dll

2011-06-03 21:39 . 2011-03-08 05:38        740864        ----a-w-        c:\windows\SysWow64\inetcomm.dll

2011-06-03 21:38 . 2011-04-09 06:58        142336        ----a-w-        c:\windows\system32\poqexec.exe

2011-06-03 21:38 . 2011-04-09 05:56        123904        ----a-w-        c:\windows\SysWow64\poqexec.exe

2011-06-03 21:38 . 2011-02-26 05:33        2614784        ----a-w-        c:\windows\SysWow64\explorer.exe

2011-06-03 21:38 . 2010-10-19 08:47        7680        ----a-w-        c:\program files\Internet Explorer\iecompat.dll

2011-06-03 21:37 . 2010-01-18 23:28        280064        ----a-w-        c:\windows\SysWow64\RMActivate_ssp.exe

2011-06-03 21:36 . 2011-04-09 06:45        5509504        ----a-w-        c:\windows\system32\ntoskrnl.exe

2011-06-03 21:36 . 2010-12-21 06:13        2003968        ----a-w-        c:\windows\system32\msxml6.dll

2011-06-03 21:36 . 2010-12-21 05:38        204288        ----a-w-        c:\windows\SysWow64\upnp.dll

2011-06-03 21:36 . 2010-12-21 06:15        15360        ----a-w-        c:\windows\system32\slwga.dll

2011-06-03 21:36 . 2010-12-21 05:38        14336        ----a-w-        c:\windows\SysWow64\slwga.dll

2011-06-03 21:35 . 2009-12-22 04:28        2048        ----a-w-        c:\windows\SysWow64\user.exe

2011-06-03 21:35 . 2010-08-21 06:29        558592        ----a-w-        c:\windows\system32\spoolsv.exe

2011-06-03 21:34 . 2011-02-05 12:41        20352        ----a-w-        c:\windows\system32\kdusb.dll

2011-06-03 21:27 . 2010-10-16 04:33        208896        ----a-w-        c:\program files (x86)\Common Files\System\msadc\msadco.dll

2011-06-03 21:27 . 2010-08-27 05:46        9728        ----a-w-        c:\windows\SysWow64\sscore.dll

2011-06-03 19:13 . 2011-06-03 19:13        --------        d-----w-        c:\programdata\SUPERAntiSpyware.com

2011-06-03 19:13 . 2011-06-03 19:13        --------        d-----w-        c:\programdata\!SASCORE

2011-06-03 19:13 . 2011-06-04 07:04        --------        d-----w-        c:\program files\SUPERAntiSpyware

2011-06-02 18:56 . 2010-08-26 05:27        148992        ----a-w-        c:\windows\system32\t2embed.dll

2011-06-02 18:52 . 2009-12-13 09:46        613888        ----a-w-        c:\windows\system32\psisdecd.dll

2011-06-02 18:52 . 2009-12-13 09:30        465408        ----a-w-        c:\windows\SysWow64\psisdecd.dll

2011-06-02 18:52 . 2011-04-09 06:13        3957632        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe

2011-06-02 18:52 . 2011-04-09 06:13        3901824        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe

2011-06-02 18:46 . 2011-06-02 18:46        --------        d-----w-        c:\program files (x86)\MSXML 4.0

2011-06-01 19:51 . 2011-06-04 07:04        --------        d-----w-        c:\program files (x86)\WhiteSmoke

2011-06-01 19:16 . 2011-06-01 19:16        --------        d-----w-        c:\programdata\Photo Notifier and Animation Creator

2011-06-01 19:16 . 2011-06-01 19:16        --------        d-----w-        c:\program files (x86)\Photo Notifier and Animation Creator

2011-05-31 20:25 . 2011-05-31 20:25        --------        d-----w-        c:\programdata\Malwarebytes

2011-05-31 20:25 . 2011-05-31 21:30        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware

2011-05-31 19:42 . 2011-05-31 19:42        --------        d-----w-        c:\program files (x86)\Trend Micro

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-05-30 04:56 . 2011-05-30 04:56        2560        ----a-w-        c:\windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui

2011-05-30 04:55 . 2011-05-30 04:55        5632        ----a-w-        c:\windows\SysWow64\drivers\de-DE\ndiscap.sys.mui

2011-05-30 04:55 . 2011-05-30 04:55        2560        ----a-w-        c:\windows\SysWow64\drivers\de-DE\scfilter.sys.mui

2011-05-30 04:55 . 2011-05-30 04:55        51712        ----a-w-        c:\windows\SysWow64\drivers\de-DE\tcpip.sys.mui

2011-05-30 04:55 . 2011-05-30 04:55        29696        ----a-w-        c:\windows\SysWow64\drivers\de-DE\bfe.dll.mui

2011-05-30 04:55 . 2011-05-30 04:55        16896        ----a-w-        c:\windows\SysWow64\drivers\de-DE\pacer.sys.mui

2011-05-29 19:08 . 2009-11-03 04:11        6        ----a-w-        c:\windows\system32\PLD_Framework.cmd

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]

2009-11-03 04:22        433648        ----a-w-        c:\programdata\Partner\Partner.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2009-09-10 13:41        120104        ----a-w-        c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-03 39408]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-18 1157128]

"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]

"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-10-29 419112]

"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-10-22 181480]

"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-25 588648]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-08 98304]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-29 135664]

R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]

R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]

R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2009-11-03 332272]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2009-09-02 225280]

S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]

S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]

S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-10-29 844320]

S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]

S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]

S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]

S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]

.

.

--- Andere Dienste/Treiber im Speicher ---

.

*NewlyCreated* - 07442199

*Deregistered* - 07442199

.

Inhalt des "geplante Tasks" Ordners

.

2011-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-29 19:40]

.

2011-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-29 19:40]

.

2011-06-05 c:\windows\Tasks\WinMaximizer-steffen-Startup.job

- c:\program files (x86)\WinMaximizer\WinMaximizer.exe [2011-05-31 14:21]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]

2009-11-03 04:22        750064        ----a-w-        c:\programdata\Partner\Partner64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2009-09-10 13:44        137512        ----a-w-        c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]

"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-10-29 822816]

"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-09-10 349480]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]

"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://mystart.incredimail.com/mb50?u=1036045019594548084

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://mystart.incredimail.com/mb50?u=1036045019594548084

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.2.1

FF - ProfilePath - c:\users\steffen\AppData\Roaming\Mozilla\Firefox\Profiles\047vxo1k.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.freenet.de/

FF - prefs.js: network.proxy.type - 0

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com

FF - Ext: IncrediMail MediaBar Deutsch 2 Community Toolbar: {990af1c2-5a27-4460-8149-ecc6bc122af3} - %profile%\extensions\{990af1c2-5a27-4460-8149-ecc6bc122af3}

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

URLSearchHooks-{990af1c2-5a27-4460-8149-ecc6bc122af3} - (no file)

Toolbar-Locked - (no file)

Toolbar-Locked - (no file)

WebBrowser-{990AF1C2-5A27-4460-8149-ECC6BC122AF3} - (no file)

.

.

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2011-06-05  21:49:59

ComboFix-quarantined-files.txt  2011-06-05 19:49

ComboFix2.txt  2011-05-31 20:59

.

Vor Suchlauf: 9 Verzeichnis(se), 350.002.372.608 Bytes frei

Nach Suchlauf: 12 Verzeichnis(se), 349.687.324.672 Bytes frei

.

- - End Of File - - F45E72E407329A75C2A46D4C2130B3B9

--- --- ---

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Acer
BIOS Manufacturer: Acer
System Manufacturer: Acer
System Product Name: Aspire 5732Z
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 190):
0x02A1B000 \SystemRoot\system32\ntoskrnl.exe
0x02FF7000 \SystemRoot\system32\hal.dll
0x00BB1000 \SystemRoot\system32\kdcom.dll
0x00CB2000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00CF6000 \SystemRoot\system32\PSHED.dll
0x00D0A000 \SystemRoot\system32\CLFS.SYS
0x00E38000 \SystemRoot\system32\CI.dll
0x00EF8000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00F9C000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00D68000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x00FAB000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x00FB4000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x00FBE000 \SystemRoot\system32\DRIVERS\pci.sys
0x00FF1000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x00E00000 \SystemRoot\System32\drivers\partmgr.sys
0x00E15000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00E1E000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00DBF000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x00C00000 \SystemRoot\System32\drivers\volmgrx.sys
0x00C5C000 \SystemRoot\System32\drivers\mountmgr.sys
0x01051000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x0116D000 \SystemRoot\system32\DRIVERS\atapi.sys
0x01176000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x011A0000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x011AB000 \SystemRoot\system32\drivers\fltmgr.sys
0x01000000 \SystemRoot\system32\drivers\fileinfo.sys
0x01244000 \SystemRoot\System32\Drivers\Ntfs.sys
0x0144F000 \SystemRoot\System32\Drivers\msrpc.sys
0x014AD000 \SystemRoot\System32\Drivers\ksecdd.sys
0x014C7000 \SystemRoot\System32\Drivers\cng.sys
0x0153A000 \SystemRoot\System32\drivers\pcw.sys
0x0154B000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01625000 \SystemRoot\system32\drivers\ndis.sys
0x01717000 \SystemRoot\system32\drivers\NETIO.SYS
0x01777000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x017A2000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x017EE000 \SystemRoot\System32\Drivers\spldr.sys
0x01555000 \SystemRoot\System32\drivers\rdyboost.sys
0x01600000 \SystemRoot\System32\Drivers\mup.sys
0x01612000 \SystemRoot\System32\drivers\hwpolicy.sys
0x0158F000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x015C9000 \SystemRoot\system32\DRIVERS\disk.sys
0x01400000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x02A13000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x02A3D000 \SystemRoot\system32\DRIVERS\MpFilter.sys
0x02A6E000 \SystemRoot\system32\DRIVERS\mwlPSDFilter.sys
0x02A77000 \SystemRoot\System32\Drivers\Null.SYS
0x02A80000 \SystemRoot\System32\Drivers\Beep.SYS
0x02A87000 \SystemRoot\System32\drivers\vga.sys
0x02A95000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x02ABA000 \SystemRoot\System32\drivers\watchdog.sys
0x02ACA000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x02BF1000 \SystemRoot\system32\drivers\rdpencdd.sys
0x0161B000 \SystemRoot\system32\drivers\rdprefmp.sys
0x0143E000 \SystemRoot\System32\Drivers\Msfs.SYS
0x015DF000 \SystemRoot\System32\Drivers\Npfs.SYS
0x03802000 \SystemRoot\System32\drivers\tcpip.sys
0x03A70000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x03ABA000 \SystemRoot\system32\DRIVERS\tdx.sys
0x03AD8000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x03AE5000 \SystemRoot\system32\drivers\afd.sys
0x03B6F000 \SystemRoot\System32\DRIVERS\netbt.sys
0x03BB4000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x03BBD000 \SystemRoot\system32\DRIVERS\pacer.sys
0x03BE3000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x03A00000 \SystemRoot\system32\DRIVERS\netbios.sys
0x03A0F000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x03A2A000 \SystemRoot\system32\DRIVERS\termdd.sys
0x03C85000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x03CD6000 \SystemRoot\system32\drivers\nsiproxy.sys
0x03CE2000 \SystemRoot\system32\DRIVERS\mwlPSDVDisk.sys
0x03CF5000 \SystemRoot\system32\DRIVERS\mwlPSDNServ.sys
0x03CFD000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x03D08000 \SystemRoot\System32\drivers\discache.sys
0x03D17000 \SystemRoot\System32\Drivers\dfsc.sys
0x03D35000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x03D46000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x03D6C000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x046B9000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x04CFA000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x04600000 \SystemRoot\System32\drivers\dxgmms1.sys
0x04646000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x04653000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x04DEE000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x03D82000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x03E7A000 \SystemRoot\system32\DRIVERS\athrx.sys
0x03E00000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x03E0D000 \SystemRoot\system32\DRIVERS\L1C62x64.sys
0x03E20000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x03E25000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x03E43000 \SystemRoot\SysWOW64\Drivers\DKbFltr.sys
0x03E4F000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x03DA6000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x03E5E000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x03E60000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x03E6F000 \??\C:\Windows\system32\drivers\UBHelper.sys
0x03FF6000 \??\C:\Windows\system32\drivers\NTIDrvr.sys
0x046A9000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x03DEF000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x03C00000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x03C16000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x03C3A000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x03C46000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x03A3E000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x01200000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x01221000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x03FFE000 \SystemRoot\system32\DRIVERS\swenum.sys
0x04046000 \SystemRoot\system32\DRIVERS\ks.sys
0x04089000 \SystemRoot\system32\DRIVERS\umbus.sys
0x0409B000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x040F5000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x05A07000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x0410A000 \SystemRoot\system32\drivers\portcls.sys
0x04147000 \SystemRoot\system32\drivers\drmk.sys
0x05BE6000 \SystemRoot\system32\drivers\ksthunk.sys
0x05BEC000 \SystemRoot\System32\Drivers\crashdmp.sys
0x02AD3000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x04169000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x000E0000 \SystemRoot\System32\win32k.sys
0x0417C000 \SystemRoot\System32\drivers\Dxapi.sys
0x04188000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x041A5000 \SystemRoot\System32\Drivers\usbvideo.sys
0x041D3000 \SystemRoot\system32\DRIVERS\monitor.sys
0x041E1000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x04000000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x04019000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x04022000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x00480000 \SystemRoot\System32\TSDDD.dll
0x00630000 \SystemRoot\System32\cdd.dll
0x01014000 \SystemRoot\system32\drivers\luafv.sys
0x00C76000 \SystemRoot\system32\drivers\WudfPf.sys
0x0402F000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x03266000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x032B9000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x032CC000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x032E4000 \SystemRoot\system32\drivers\HTTP.sys
0x033AC000 \SystemRoot\system32\DRIVERS\bowser.sys
0x033CA000 \SystemRoot\System32\drivers\mpsdrv.sys
0x03200000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x052E5000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x05333000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x05356000 \SystemRoot\system32\drivers\peauth.sys
0x05200000 \SystemRoot\System32\Drivers\secdrv.SYS
0x0520B000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x05238000 \SystemRoot\System32\drivers\tcpipreg.sys
0x0524A000 \SystemRoot\System32\DRIVERS\srv2.sys
0x06082000 \SystemRoot\System32\DRIVERS\srv.sys
0x06117000 \SystemRoot\system32\DRIVERS\MpNWMon.sys
0x061D6000 \??\C:\Windows\system32\Drivers\PROCEXP113.SYS
0x061DE000 \SystemRoot\system32\DRIVERS\NisDrvWFP.sys
0x773B0000 \Windows\System32\ntdll.dll
0x48560000 \Windows\System32\smss.exe
0xFF6D0000 \Windows\System32\apisetschema.dll
0xFF6B0000 \Windows\System32\autochk.exe
0x77580000 \Windows\System32\psapi.dll
0xFF590000 \Windows\System32\wininet.dll
0x77570000 \Windows\System32\normaliz.dll
0xFF510000 \Windows\System32\shlwapi.dll
0xFF4C0000 \Windows\System32\Wldap32.dll
0xFF420000 \Windows\System32\clbcatq.dll
0xFF380000 \Windows\System32\comdlg32.dll
0xFF310000 \Windows\System32\gdi32.dll
0xFF230000 \Windows\System32\advapi32.dll
0xFF120000 \Windows\System32\msctf.dll
0xFF110000 \Windows\System32\lpk.dll
0xFF100000 \Windows\System32\nsi.dll
0xFF0D0000 \Windows\System32\imm32.dll
0xFF080000 \Windows\System32\ws2_32.dll
0xFE2F0000 \Windows\System32\shell32.dll
0xFE210000 \Windows\System32\oleaut32.dll
0xFE140000 \Windows\System32\usp10.dll
0xFE0C0000 \Windows\System32\difxapi.dll
0xFDF40000 \Windows\System32\urlmon.dll
0xFDD60000 \Windows\System32\setupapi.dll
0xFDD40000 \Windows\System32\sechost.dll
0xFDD20000 \Windows\System32\imagehlp.dll
0x77290000 \Windows\System32\kernel32.dll
0xFDB10000 \Windows\System32\ole32.dll
0x77190000 \Windows\System32\user32.dll
0xFDA70000 \Windows\System32\msvcrt.dll
0xFD940000 \Windows\System32\rpcrt4.dll
0xFD6E0000 \Windows\System32\iertutil.dll
0xFD640000 \Windows\System32\comctl32.dll
0xFD620000 \Windows\System32\devobj.dll
0xFD5E0000 \Windows\System32\cfgmgr32.dll
0xFD5A0000 \Windows\System32\wintrust.dll
0xFD530000 \Windows\System32\KernelBase.dll
0xFD3C0000 \Windows\System32\crypt32.dll
0xFD3B0000 \Windows\System32\msasn1.dll
0x76AE0000 \Windows\SysWOW64\normaliz.dll

Processes (total 66):
0 System Idle Process
4 System
312 C:\Windows\System32\smss.exe
456 csrss.exe
520 C:\Windows\System32\wininit.exe
532 csrss.exe
576 C:\Windows\System32\services.exe
592 C:\Windows\System32\lsass.exe
600 C:\Windows\System32\lsm.exe
648 C:\Windows\System32\winlogon.exe
744 C:\Windows\System32\svchost.exe
820 C:\Windows\System32\svchost.exe
872 C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
968 C:\Windows\System32\atiesrxx.exe
1000 C:\Windows\System32\svchost.exe
392 C:\Windows\System32\svchost.exe
372 C:\Windows\System32\svchost.exe
1124 C:\Windows\System32\svchost.exe
1300 C:\Windows\System32\svchost.exe
1468 C:\Windows\System32\spoolsv.exe
1500 C:\Windows\System32\svchost.exe
1632 C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
1696 C:\Windows\System32\svchost.exe
1836 C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
1916 C:\Program Files\Acer\Acer Updater\UpdaterService.exe
1172 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
2700 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
2900 C:\Windows\System32\LogonUI.exe
2936 C:\Windows\System32\atieclxx.exe
2420 C:\Windows\System32\taskhost.exe
2516 C:\Windows\System32\dwm.exe
1208 C:\Windows\explorer.exe
2004 C:\Windows\System32\SearchIndexer.exe
1048 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
2340 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1404 C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
1744 C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
2556 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2316 C:\Program Files\Microsoft Security Client\msseces.exe
3096 C:\Windows\System32\wbem\unsecapp.exe
3188 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
3212 WmiPrvSE.exe
3428 C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
3576 C:\Program Files (x86)\Launch Manager\LManager.exe
3592 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
3608 C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
3652 C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
3672 C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
3816 C:\Windows\System32\svchost.exe
3936 C:\Program Files\Windows Media Player\wmpnetwk.exe
3472 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2796 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
4788 C:\Windows\System32\wuauclt.exe
4396 C:\Program Files\Windows Sidebar\sidebar.exe
4500 C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
4968 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1428 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
3288 C:\Windows\System32\audiodg.exe
2232 C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
2932 C:\Windows\System32\SearchProtocolHost.exe
2460 C:\Windows\System32\SearchFilterHost.exe
4436 dllhost.exe
3140 dllhost.exe
1156 C:\Users\steffen\Desktop\MBRCheck.exe
1672 C:\Windows\System32\conhost.exe
2136 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`069e5800 (NTFS)

PhysicalDrive0 Model Number: ST9400326AS, Rev: 0001SDM1

Size Device Name MBR Status
--------------------------------------------
372 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79

Done!