
Pests of all kinds and how to fight them: Google is sometimes redirected + Windows Security Center disabled under W7


15.06.2011, 19:04   #16
markusg
/// Malware-holic
 



Please post me a new OTL log.
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails according to the instructions above to
markusg.trojaner-board@web.de

16.06.2011, 17:23   #17
PB11
 



Should I proceed the way you already described to me (with the Fix button) or differently? If differently, I would ask for a tutorial.
__________________


16.06.2011, 17:39   #18
markusg
/// Malware-holic
 



An OTL scan like at the beginning.
__________________

16.06.2011, 18:30   #19
PB11
 



OTL Logfile:
Code:
OTL logfile created on: 16.06.2011 19:26:36 - Run 4
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Stas\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
12,00 Gb Total Physical Memory | 9,92 Gb Available Physical Memory | 82,71% Memory free
23,99 Gb Paging File | 21,36 Gb Available in Paging File | 89,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,79 Gb Total Space | 98,26 Gb Free Space | 42,21% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 192,11 Gb Free Space | 64,45% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 217,01 Gb Free Space | 23,30% Space Free | Partition Type: NTFS
Drive I: | 1397,26 Gb Total Space | 137,18 Gb Free Space | 9,82% Space Free | Partition Type: NTFS
Drive X: | 697,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: STAS-PC | User Name: Stas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.06.09 13:12:18 | 002,978,720 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2011.06.09 02:14:27 | 000,421,032 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011.06.09 02:14:27 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.06.09 02:14:26 | 000,339,624 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
PRC - [2011.06.09 02:14:26 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.06.09 02:14:26 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.08 23:01:07 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Stas\Downloads\OTL.exe
PRC - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.05.29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.04.29 02:25:58 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.02.02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\javaw.exe
PRC - [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.06.08 23:01:07 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Stas\Downloads\OTL.exe
MOD - [2011.04.11 14:26:52 | 000,213,696 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2hooks32.dll
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.03.09 13:12:26 | 005,352,960 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:64bit: - [2011.03.09 06:53:04 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.11.11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010.11.11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.06.09 13:12:18 | 002,978,720 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2011.06.09 02:14:27 | 000,421,032 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.06.09 02:14:27 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.06.09 02:14:26 | 000,339,624 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2011.06.09 02:14:26 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.04.17 10:18:16 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.06.09 02:14:27 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.04.12 14:19:27 | 000,303,616 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.04.12 14:19:27 | 000,035,328 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.04.11 21:22:17 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.09 11:22:42 | 009,258,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.03.09 06:17:42 | 000,300,544 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.02.18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.11.17 14:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.10.24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010.03.02 13:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011.02.20 21:30:06 | 000,085,800 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2010.09.05 12:25:22 | 000,048,216 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2010.05.27 03:43:00 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2010.05.05 09:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 81 F0 6C E9 22 26 CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.04.29 02:26:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.04.03 22:02:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stas\AppData\Roaming\Mozilla\Extensions
[2011.05.24 01:16:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stas\AppData\Roaming\Mozilla\Firefox\Profiles\7skvv1yg.default\extensions
[2011.04.12 23:29:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.04.11 21:50:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.04.12 23:29:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- 
() (No name found) -- C:\USERS\STAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7SKVV1YG.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.04.29 02:25:58 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml
 
Hosts file not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10s_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.07.10 04:16:15 | 000,000,000 | RH-D | M] - I:\autorun -- [ NTFS ]
O32 - Unable to obtain root file information for disk I:\
O32 - AutoRun File - [1998.09.15 12:14:30 | 000,168,448 | R--- | M] (Sierra On-Line, Inc.) - X:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2003.03.24 11:08:10 | 000,000,055 | R--- | M] () - X:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.06.16 14:44:41 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{D7357F16-A250-467E-A58E-C51994537A93}
[2011.06.16 02:44:16 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{B64CBC16-047C-46DE-9DF5-20083851D9C8}
[2011.06.15 20:04:33 | 000,000,000 | ---D | C] -- C:\Users\Stas\Documents\Duke Nukem Forever
[2011.06.15 19:54:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2011.06.15 19:49:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Duke Nukem Forever
[2011.06.15 18:40:04 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ
[2011.06.15 18:40:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ
[2011.06.15 18:39:55 | 000,000,000 | ---D | C] -- C:\Users\Stas\Documents\VirtualDJ
[2011.06.15 18:39:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2011.06.15 12:47:55 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{4D597011-87A5-4253-A390-EC5BA7C0930B}
[2011.06.15 00:47:19 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{7CAA8D1A-3C08-4B9E-B5F5-301EA46DB922}
[2011.06.14 12:46:43 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{A8A3D7CC-01F2-45FA-9CCE-84671070A678}
[2011.06.13 12:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
[2011.06.13 12:50:26 | 001,053,184 | ---- | C] (Cendant Software) -- C:\Windows\SysWow64\SierraNW.dll
[2011.06.13 12:50:26 | 000,231,936 | ---- | C] (Cendant Software) -- C:\Windows\SysWow64\SNWValid.dll
[2011.06.13 12:50:26 | 000,000,000 | ---D | C] -- C:\Windows\solcache
[2011.06.13 12:48:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sierra On-Line
[2011.06.13 12:48:44 | 000,000,000 | ---D | C] -- C:\SIERRA
[2011.06.13 12:48:34 | 000,305,664 | ---- | C] (InstallShield Software Corporation ) -- C:\Windows\IsUn0407.exe
[2011.06.13 12:45:43 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{29FD6B5B-C90B-47F7-BCFE-82435F7711B3}
[2011.06.13 01:22:22 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.06.13 01:14:56 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.06.13 01:07:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.06.13 01:07:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.06.13 01:07:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.06.13 01:07:00 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.06.13 01:05:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.06.13 00:45:18 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{21E0B270-17D8-49A3-A45D-F67D2E0650E7}
[2011.06.10 01:32:01 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{7647A89C-53F5-4641-9C99-BC9AC33731F4}
[2011.06.09 15:07:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.06.09 14:28:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.06.09 14:28:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.06.09 14:28:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011.06.09 13:12:02 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{A51CC024-60F9-4AD5-AEB6-D951FD505E9C}
[2011.06.09 01:11:19 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{A82DE0AA-F324-492A-A3D7-F875066E8322}
[2011.06.08 23:34:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2011.06.08 23:34:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2011.06.08 23:34:32 | 000,000,000 | ---D | C] -- C:\Users\Stas\Documents\Anti-Malware
[2011.06.08 22:18:07 | 000,000,000 | ---D | C] -- C:\VundoFix Backups
[2011.06.08 22:01:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2011.06.08 20:04:25 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Roaming\Avira
[2011.06.08 19:57:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.06.08 19:57:32 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.06.08 19:57:32 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.06.08 19:57:32 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys
[2011.06.08 19:57:32 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys
[2011.06.08 19:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.06.08 19:57:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.06.08 19:44:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.06.08 19:44:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.06.08 19:44:14 | 042,829,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2011.06.08 18:38:19 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Roaming\Malwarebytes
[2011.06.08 18:38:13 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.06.08 18:38:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.06.08 18:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.06.08 18:38:10 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.06.08 18:38:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.06.08 17:29:32 | 000,667,648 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\mgxoschk.dll
[2011.06.08 17:29:09 | 000,000,000 | ---D | C] -- C:\Users\Stas\Documents\MAGIX_MusicMakerHipHopEdition2
[2011.06.08 17:28:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MAGIX
[2011.06.08 13:10:43 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{3FB73A1E-6525-48D9-BFA6-85379BDC5008}
[2011.06.08 12:28:20 | 000,000,000 | ---D | C] -- C:\Users\Stas\Documents\Native Instruments
[2011.06.08 12:27:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\{4A818508-3355-4FBC-B302-D53B599DD9D5}
[2011.06.08 12:26:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Native Instruments
[2011.06.08 12:25:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B519F32F-827C-40F0-8D31-289E18AFCBCC}
[2011.06.08 12:24:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8429ABAF-B3FC-4320-BD86-2F450040BB88}
[2011.06.08 12:23:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A7980E87-CCF8-4A63-95C5-FBF6773430E4}
[2011.06.08 12:22:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C563A71C-0CD1-48DB-BF21-E9663D577F6E}
[2011.06.08 12:21:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\{761E38B7-1182-40ED-8916-EAA5F384CFC7}
[2011.06.08 12:20:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\{F1E1AF14-F91F-4ECF-B2AC-261F02221942}
[2011.06.08 12:19:25 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C0C80074-EC49-4159-8610-C3471C7E6846}
[2011.06.08 12:17:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\{F9958806-3326-4B30-A9A3-D5B43C478842}
[2011.06.08 12:17:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2C41B757-F5D0-44F9-A206-EEB9CD973927}
[2011.06.08 12:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Native Instruments
[2011.06.08 12:17:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Native Instruments
[2011.06.08 12:17:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A6DB2A6F-FF9D-453F-99D6-C1AA54BC0C14}
[2011.06.08 12:17:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
[2011.06.08 12:17:22 | 000,000,000 | ---D | C] -- C:\Program Files\Native Instruments
[2011.06.08 11:02:01 | 000,000,000 | ---D | C] -- C:\Users\Stas\Documents\MAGIX downloads
[2011.06.08 11:01:57 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Roaming\MAGIX
[2011.06.08 11:01:07 | 000,000,000 | ---D | C] -- C:\Users\Stas\Documents\MAGIX_Screenshare
[2011.06.08 11:00:40 | 000,917,504 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\MXRestore.exe
[2011.06.08 11:00:40 | 000,724,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLAV32.dll
[2011.06.08 11:00:40 | 000,278,528 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLRES32.dll
[2011.06.08 11:00:40 | 000,221,184 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDRV32.dll
[2011.06.08 11:00:40 | 000,212,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDEV32.dll
[2011.06.08 11:00:40 | 000,147,456 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCPY32.dll
[2011.06.08 11:00:40 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCDA32.dll
[2011.06.08 11:00:40 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIO32.dll
[2011.06.08 11:00:40 | 000,090,112 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPRF32.dll
[2011.06.08 11:00:40 | 000,077,824 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPNT32.dll
[2011.06.08 11:00:40 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\STRING32.dll
[2011.06.08 11:00:40 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPTL32.dll
[2011.06.08 11:00:40 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCDF32.dll
[2011.06.08 11:00:40 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLTPO32.dll
[2011.06.08 11:00:40 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPRJ32.dll
[2011.06.08 11:00:40 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIMG32.dll
[2011.06.08 11:00:40 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLRD32.dll
[2011.06.08 11:00:40 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLMSC32.dll
[2011.06.08 11:00:40 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLISO32.dll
[2011.06.08 11:00:40 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDIR32.dll
[2011.06.08 11:00:40 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\TTIC32.dll
[2011.06.08 11:00:40 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\TTI32.dll
[2011.06.08 11:00:40 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIX.dll
[2011.06.08 11:00:34 | 000,000,000 | ---D | C] -- C:\Users\Stas\Documents\MAGIX_Speed2_burnR_mxcdr
[2011.06.08 11:00:21 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2011.06.08 11:00:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2011.06.08 11:00:14 | 000,000,000 | ---D | C] -- C:\Users\Stas\Documents\MAGIX_MusicMaker16Premium_Download_Version
[2011.06.08 10:59:59 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2011.06.08 10:59:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2011.06.08 10:59:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2011.06.07 13:09:53 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{BD33D1C9-2215-4D29-9080-D42C1EB5A1C3}
[2011.06.06 12:10:09 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{5F7395E2-7E3C-4114-9CC8-D5E82B305291}
[2011.06.05 23:37:33 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{A1972704-22D4-4785-9B09-3B8D7DDB697C}
[2011.06.03 11:06:00 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{06EA1021-294C-4A54-A172-69EDEF56AC21}
[2011.06.02 15:57:56 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{82E1516E-09C7-498A-B5DA-1C40F18C83AF}
[2011.06.01 14:23:58 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{772453A5-CC12-48BF-98D4-F1AB89610A68}
[2011.06.01 02:23:33 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{F287681F-9DBE-4871-86FC-EB6E50B76BE4}
[2011.06.01 02:01:25 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{5CBB2BC3-4D05-4639-80C3-1C1F5D031E5F}
[2011.05.31 23:17:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASCII
[2011.05.31 23:11:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011.05.31 17:50:10 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Roaming\NCH Software
[2011.05.31 17:48:06 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound
[2011.05.31 17:47:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
[2011.05.31 17:47:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Swift Sound
[2011.05.31 17:47:55 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Roaming\NCH Swift Sound
[2011.05.31 17:32:57 | 000,000,000 | ---D | C] -- C:\My Music
[2011.05.31 17:32:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioConverter Studio
[2011.05.31 17:32:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AudioConverter Studio
[2011.05.31 17:30:41 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011.05.31 17:30:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic FLAC to MP3 Converter
[2011.05.31 17:30:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FLAC to MP3 Converter
[2011.05.31 13:59:01 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{A04D95DD-F9ED-423B-B298-C0C26BE3ABA6}
[2011.05.31 01:58:26 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{02671E0A-7EC4-42BE-8711-E2E20F945B53}
[2011.05.30 13:58:14 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{F900B06B-82BF-4125-9DFC-E10DAFCFC69A}
[2011.05.30 00:23:14 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{81EE703F-EB6F-4B9F-A60C-A62207574991}
[2011.05.27 12:32:00 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{D00A5AF5-E115-480F-B3B7-9142729243A1}
[2011.05.26 14:01:48 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{929FBABF-2DE4-4F4F-A8F9-A94248995029}
[2011.05.26 01:59:32 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{D1E4DAA2-2362-4DA0-8096-8EAAF43C2194}
[2011.05.25 14:02:41 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011.05.25 13:59:08 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{C3603835-3AB8-449F-9D2B-B474BAFCB969}
[2011.05.24 14:07:16 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{E63546A2-878B-46F1-B9A3-D00734E59676}
[2011.05.24 02:06:51 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{518CC63E-2757-4655-AE79-F4B77A171C9E}
[2011.05.22 23:37:11 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{B3DC678C-A3A5-46F7-A7A9-E1E81A1DEF32}
[2011.05.22 11:36:58 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{19225ED1-2CB2-4D5B-8C47-54EC896BE7CE}
[2011.05.21 10:33:48 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{8AFB1C0F-63A9-4792-B878-368800256A67}
[2011.05.20 10:35:37 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{5B3A3D95-F81F-4E74-90DD-84AE7E3E838E}
[2011.05.19 12:40:23 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011.05.19 12:40:23 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011.05.19 09:55:13 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{CE10B2A0-6901-4200-BE7F-40D7B2BD32E9}
[2011.05.18 18:24:56 | 000,000,000 | ---D | C] -- C:\Users\Stas\Documents\Command and Conquer 4
[2011.05.18 16:53:08 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Roaming\Command and Conquer 4
[2011.05.18 11:15:11 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.18 11:09:57 | 000,000,000 | ---D | C] -- C:\Users\Stas\AppData\Local\{3281C86B-0697-4918-9A72-BB1C75CFD756}
[2011.05.17 22:59:04 | 000,000,000 | ---D | C] -- C:\tmp
[2011.05.17 22:59:04 | 000,000,000 | ---D | C] -- C:\output
[2011.05.17 22:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLAC To MP3
[2011.05.17 22:58:34 | 000,000,000 | ---D | C] -- C:\FLAC To MP3
[2011.05.17 21:31:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
 
========== Files - Modified Within 30 Days ==========
 
[2011.06.16 13:00:19 | 000,729,688 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.06.16 13:00:19 | 000,617,910 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.06.16 13:00:19 | 000,107,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.06.16 12:59:38 | 000,010,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.16 12:59:38 | 000,010,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.16 12:54:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.16 12:53:56 | 1072,406,526 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.15 20:06:09 | 000,001,207 | ---- | M] () -- C:\Users\Stas\Desktop\DukeForever - Shortcut.lnk
[2011.06.15 19:41:30 | 000,436,768 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.06.15 18:40:04 | 000,001,039 | ---- | M] () -- C:\Users\Stas\Desktop\Virtual DJ Pro.lnk
[2011.06.13 12:50:34 | 000,000,333 | ---- | M] () -- C:\Windows\SIERRA.INI
[2011.06.13 12:45:36 | 000,000,378 | ---- | M] () -- C:\Users\Stas\Desktop\Caesar III - Shortcut.lnk
[2011.06.09 14:28:14 | 000,001,282 | ---- | M] () -- C:\Users\Stas\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011.06.09 02:14:27 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.06.08 17:29:32 | 000,006,768 | ---- | M] () -- C:\Windows\mgxoschk.ini
[2011.06.08 10:49:31 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.31 16:00:03 | 000,000,419 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2011.05.31 16:00:03 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2011.05.30 18:31:44 | 000,159,464 | ---- | M] () -- C:\Users\Stas\Documents\Eticket-PS9674-105049-2.pdf
[2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2011.06.15 20:06:09 | 000,001,207 | ---- | C] () -- C:\Users\Stas\Desktop\DukeForever - Shortcut.lnk
[2011.06.15 18:40:04 | 000,001,039 | ---- | C] () -- C:\Users\Stas\Desktop\Virtual DJ Pro.lnk
[2011.06.13 12:48:34 | 000,000,333 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011.06.13 12:45:36 | 000,000,378 | ---- | C] () -- C:\Users\Stas\Desktop\Caesar III - Shortcut.lnk
[2011.06.13 01:07:07 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.06.13 01:07:07 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.06.13 01:07:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.06.13 01:07:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.06.13 01:07:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.06.09 14:28:14 | 000,001,282 | ---- | C] () -- C:\Users\Stas\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011.06.08 22:01:18 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011.06.08 17:29:25 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2011.06.08 17:28:03 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.06.08 11:00:40 | 000,038,492 | ---- | C] () -- C:\Windows\SysWow64\DLLAV32.lib
[2011.06.08 10:59:22 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011.05.31 23:18:21 | 000,087,040 | ---- | C] () -- C:\Windows\UnGins.exe
[2011.05.31 23:17:37 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\Unlha32.dll
[2011.05.31 23:17:36 | 000,473,600 | ---- | C] () -- C:\Windows\SysWow64\Harmony.dll
[2011.05.31 17:47:57 | 000,001,149 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Switch Sound File Converter.lnk
[2011.05.31 16:00:03 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.05.31 16:00:03 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.05.30 18:31:42 | 000,159,464 | ---- | C] () -- C:\Users\Stas\Documents\Eticket-PS9674-105049-2.pdf
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.04.08 16:55:16 | 000,722,382 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.03 22:08:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.21 19:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.01.13 05:03:18 | 000,003,155 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2011.05.18 16:53:08 | 000,000,000 | ---D | M] -- C:\Users\Stas\AppData\Roaming\Command and Conquer 4
[2011.04.11 21:23:13 | 000,000,000 | ---D | M] -- C:\Users\Stas\AppData\Roaming\DAEMON Tools Lite
[2011.04.11 20:51:43 | 000,000,000 | ---D | M] -- C:\Users\Stas\AppData\Roaming\DAEMON Tools Pro
[2011.04.22 16:59:02 | 000,000,000 | ---D | M] -- C:\Users\Stas\AppData\Roaming\DVDVideoSoft
[2011.06.08 17:30:02 | 000,000,000 | ---D | M] -- C:\Users\Stas\AppData\Roaming\MAGIX
[2011.05.31 17:47:55 | 000,000,000 | ---D | M] -- C:\Users\Stas\AppData\Roaming\NCH Swift Sound
[2011.04.11 21:33:14 | 000,000,000 | ---D | M] -- C:\Users\Stas\AppData\Roaming\Ubisoft
[2009.07.14 07:08:49 | 000,024,422 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

16.06.2011, 18:33   #20
markusg
/// Malware-holic

Uninstall Spybot; it can interfere with the cleanup.
Reboot.
Update Malwarebytes, run a full scan, post the log.

16.06.2011, 19:58   #21
PB11

Here is the Malwarebytes log

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6872

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

16.06.2011 20:36:17
mbam-log-2011-06-16 (20-36-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|I:\|)
Durchsuchte Objekte: 398009
Laufzeit: 44 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
e:\Gamez\postal2stp\apocalypseweekend\System\FPSGame.dll (Malware.Gen) -> Quarantined and deleted successfully.
e:\Gamez\postal2stp\apocalypseweekend\System\postal2.exe (Malware.Gen) -> Quarantined and deleted successfully.
e:\Gamez\postal2stp\apocalypseweekend\System\Shell.dll (Malware.Gen) -> Quarantined and deleted successfully.

16.06.2011, 20:05   #22
markusg
/// Malware-holic

Where does this version come from?
Gamez\postal2stp

16.06.2011, 23:14   #23
PB11

I don't remember anymore, since I already had this game two computers ago. It is surely not the reason that Microsoft Security Essentials is disabled, because the file has been on the external drive (E:\) for quite a while.

17.06.2011, 10:22   #24
markusg
/// Malware-holic

Download CCleaner Standard:
CCleaner - Standard
If CCleaner is already installed, skip this step.
Install it, open it, go to Tools, list of installed programs, save as txt. Open the file.
After each program you need, write "necessary".
After each program you don't need, write "unnecessary".
After each program you don't know, write "unknown".
Post the list.

28.06.2011, 23:43   #25
PB11

Sorry, it took a while. Here is the list! I looked through it; all programs are needed and known, as far as I could tell.

Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 30.05.2011 6,00MB 10.3.181.14
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 15.06.2011 6,00MB 10.3.181.26
Adobe Reader X (10.0.1) - Deutsch Adobe Systems Incorporated 10.04.2011 115,9MB 10.0.1
Age of Empires III Microsoft Game Studios 19.06.2011 2.111MB 1.00.0000
Age of Empires III - The Asian Dynasties Microsoft Game Studios 19.06.2011 831MB 1.00.0000
Age of Empires III - The WarChiefs Microsoft Game Studios 19.06.2011 802MB 1.00.0000
Anno 1701 Sunflowers 11.04.2011 1.00
Apple Application Support Apple Inc. 19.06.2011 51,0MB 1.5.2
Apple Mobile Device Support Apple Inc. 19.06.2011 22,7MB 3.4.1.2
Apple Software Update Apple Inc. 10.04.2011 2,26MB 2.1.2.120
ATI Catalyst Install Manager ATI Technologies, Inc. 02.04.2011 22,4MB 3.0.816.0
AudioConverter Studio 6.1 ManiacTools.com 30.05.2011 6,93MB
Avira AntiVir Premium Avira GmbH 20.06.2011 68,0MB 10.0.0.682
Bonjour Apple Inc. 11.05.2011 1,75MB 2.0.5.0
Caesar 3 12.06.2011
CCleaner Piriform 07.06.2011 3.07
Command & Conquer™ 4 Tiberian Twilight Electronic Arts 17.05.2011 1.267MB 1.0.0.0
Counter-Strike: Source Valve 02.04.2011
DAEMON Tools Lite DT Soft Ltd 10.04.2011 4.40.2.0131
Dead Space™ 2 Electronic Arts 25.04.2011 2.117MB 1.0.941.0
DiRT 3 Codemasters 19.06.2011 1.0.0000.130
Dragon Age: Origins Electronic Arts, Inc. 19.06.2011 3.629MB 1.04
Emsisoft Anti-Malware 5.1 Emsi Software GmbH 07.06.2011 146,2MB 5.1
Fallout 3 Bethesda Softworks 25.04.2011 1.00.0000
FLAC To MP3 V4.0.4 FLAC To MP3, Inc. 16.05.2011 22,4MB
Free Video to iPod Converter version 4.2.18.324 DVDVideoSoft Limited. 21.04.2011 25,8MB
Geeks3D.com FurMark 1.9.0 Geeks3D.com 02.04.2011 4,55MB
Grand Theft Auto IV Rockstar Games 11.04.2011 1.00.0000
GT Interactive - Driver 17.06.2011
iTunes Apple Inc. 19.06.2011 145,0MB 10.3.1.55
Java(TM) 6 Update 24 Oracle 10.04.2011 95,0MB 6.0.240
JDownloader AppWork UG (haftungsbeschränkt) 10.04.2011
Magic FLAC to MP3 Converter 3.72 Magic Video 30.05.2011 3,65MB
MAGIX Music Maker 16 Premium Download Version MAGIX AG 07.06.2011 16.0.0.30
MAGIX Music Maker Hip Hop Edition 2 4.0.0.10 (D) MAGIX AG 07.06.2011 4.0.0.10
MAGIX Screenshare MAGIX AG 07.06.2011 4.3.6.1987
MAGIX Speed burnR MAGIX AG 07.06.2011 6.0.1.2
Malwarebytes' Anti-Malware Version 1.51.0.1200 Malwarebytes Corporation 07.06.2011 13,8MB 1.51.0.1200
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 10.04.2011 38,8MB 4.0.30319
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 06.05.2011 31,3MB 3.5.88.0
Microsoft Games for Windows Marketplace Microsoft Corporation 06.05.2011 6,04MB 3.5.50.0
Microsoft Office Professional Plus 2010 Microsoft Corporation 12.04.2011 14.0.4763.1000
Microsoft Primary Interoperability Assemblies 2005 Microsoft Corporation 12.04.2011 7,71MB 8.0.50727.42
Microsoft Security Essentials Microsoft Corporation 07.04.2011 2.0.657.0
Microsoft Silverlight Microsoft Corporation 15.06.2011 120,1MB 4.0.60531.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 12.04.2011 0,25MB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 15.06.2011 0,29MB 8.0.59193
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 07.04.2011 0,20MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 25.04.2011 0,23MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 12.04.2011 0,58MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 12.04.2011 0,57MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 15.06.2011 0,59MB 9.0.30729.6161
Mozilla Firefox 4.0.1 (x86 de) Mozilla 28.04.2011 29,9MB 4.0.1
MSI Afterburner 2.2.0 Beta 2 MSI Co., LTD 02.04.2011 2.2.0 Beta 2
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 16.04.2011 1,28MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 16.04.2011 1,33MB 4.20.9876.0
Native Instruments Audio 2 DJ 07.06.2011
Native Instruments Audio 2 DJ Native Instruments 08.06.2011
Native Instruments Audio 4 DJ 07.06.2011
Native Instruments Audio 4 DJ Native Instruments 08.06.2011
Native Instruments Audio 8 DJ 07.06.2011
Native Instruments Audio 8 DJ Native Instruments 08.06.2011
Native Instruments Controller Editor 07.06.2011
Native Instruments Controller Editor Native Instruments 08.06.2011
Native Instruments Service Center 07.06.2011
Native Instruments Service Center Native Instruments 08.06.2011
Native Instruments Traktor 2 07.06.2011
Native Instruments Traktor 2 Native Instruments 08.06.2011
Native Instruments Traktor Audio 10 07.06.2011
Native Instruments Traktor Audio 10 Native Instruments 08.06.2011
Native Instruments Traktor Audio 2 07.06.2011
Native Instruments Traktor Audio 2 Native Instruments 08.06.2011
Native Instruments Traktor Audio 6 07.06.2011
Native Instruments Traktor Audio 6 Native Instruments 08.06.2011
Native Instruments Traktor Kontrol S4 07.06.2011
Native Instruments Traktor Kontrol S4 Native Instruments 08.06.2011
Native Instruments Traktor Kontrol X1 07.06.2011
Native Instruments Traktor Kontrol X1 Native Instruments 08.06.2011
Nero BackItUp 10 Nero AG 12.04.2011 107,6MB 5.4.11800.21.100
Nero Burning ROM 10 Nero AG 12.04.2011 162,3MB 10.0.11100.10.100
Nero BurnRights 10 Nero AG 12.04.2011 6,42MB 4.0.11000.12.100
Nero CoverDesigner 10 Nero AG 12.04.2011 77,1MB 5.0.10900.11.100
Nero DiscSpeed 10 Nero AG 12.04.2011 7,47MB 6.0.10800.7.100
Nero Express 10 Nero AG 12.04.2011 159,5MB 10.0.11000.10.100
Nero InfoTool 10 Nero AG 12.04.2011 8,35MB 7.0.10800.8.100
Nero MediaHub 10 Nero AG 12.04.2011 158,0MB 1.0.13400.11.100
Nero Multimedia Suite 10 Nero AG 12.04.2011 1.335MB 10.0.13200
Nero Recode 10 Nero AG 12.04.2011 80,0MB 4.6.10900.4.100
Nero RescueAgent 10 Nero AG 12.04.2011 6,83MB 3.0.10900.9.100
Nero SoundTrax 10 Nero AG 12.04.2011 95,6MB 4.6.10600.2.100
Nero StartSmart 10 Nero AG 12.04.2011 110,2MB 10.0.11200.12.100
Nero Update Nero AG 12.04.2011 1,41MB 1.0.0017
Nero Vision 10 Nero AG 12.04.2011 214MB 7.0.11100.8.100
Nero WaveEditor 10 Nero AG 12.04.2011 76,6MB 5.6.10600.2.100
NVIDIA PhysX NVIDIA Corporation 30.05.2011 78,9MB 9.10.0512
OpenAL 19.06.2011
QuickTime Apple Inc. 10.04.2011 73,7MB 7.69.80.9
Rapture3D 2.4.8 Game Blue Ripple Sound 19.06.2011
RocketDock 1.3.5 Punk Software 10.04.2011
RTP 1.32 Add-On for RM2k 30.05.2011
RTP for RM2K (Png, Wav, Midi, Fonts) 30.05.2011
Safari Apple Inc. 19.06.2011 41,3MB 5.33.21.1
Sierra-Dienstprogramme 12.06.2011
Spider-Man 2 Activision 03.05.2011 792MB 1.0
Steam Valve Corporation 02.04.2011 35,5MB 1.0.0.0
Switch Sound File Converter NCH Software 30.05.2011
TeamViewer 6 TeamViewer GmbH 07.06.2011 6.0.10722
Virtual DJ Pro Full - Atomix Productions 14.06.2011
VLC media player 1.1.8 VideoLAN 10.04.2011 1.1.8
Windows Live Essentials Microsoft Corporation 08.04.2011 15.4.3508.1109
WinRAR 4.00 (64-Bit) win.rar GmbH 10.04.2011 4.00.0

29.06.2011, 11:05   #26
markusg
/// Malware-holic

But not edited as requested.

29.06.2011, 21:40   #27
PB11

All programs are needed and known. Why should I write that after each program individually?

30.06.2011, 10:41   #28
markusg
/// Malware-holic

Well, let's think about it: maybe so that I know?
And can edit the list accordingly...
Do you have the full version of Emsisoft? It is not good to run 2 malware programs with a background guard at the same time.

18.07.2011, 13:36   #29
PB11

The problem still exists! I now need a helpful, constructive suggestion for how to get my Windows Security Essentials running again!
