| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Inernetseiten werden falsch angezeigtWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
26.12.2011, 17:07
| #1 |
 |  Inernetseiten werden falsch angezeigt Hallo! Habe das problem das wenn ich links benutze z.B. bei google werde ich jedes mal auf nicht seriöse seiten umgeleitet. Erst beim zweiten versuch öffnet sich die wirklich angewählte seite. Ich werde ständig auf die seite Fi..dates.com umgeleitet " die zwei .. stehen für ck" Wie soll ich vorgehen und welche Programme soll ich durchscannen lassen. Habe es selbst ausprobiert das Problem zu lösen aber kein Erfolg gehabt, jetzt bräuchte ich Hilfe und jemanden der mir erklärt was ich machen muss. Habe ja schon gelesen von den Programmen Gmer, Hijack usw. aber wie ich sie erfolgreich einsetze weiss ich nicht. Vielen Dank im voraus |
|
26.12.2011, 18:59
| #2 |
| /// Selecta Jahrusso   | Inernetseiten werden falsch angezeigt Bitte lies folgendes vollständig. Für alle Hilfesuchenden. Was muss ich vor der Eröffnung eines Themas beachten
__________________ |
|
26.12.2011, 19:17
| #3 |
| | Inernetseiten werden falsch angezeigt OTL Logfile:
__________________OTL EXTRAS Logfile: Code:
ATTFilter OTL logfile created on: 12/26/2011 7:10:32 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\enzo\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.97 Gb Total Physical Memory | 1.75 Gb Available Physical Memory | 44.14% Memory free 7.93 Gb Paging File | 5.81 Gb Available in Paging File | 73.22% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 116.45 Gb Total Space | 59.50 Gb Free Space | 51.09% Space Free | Partition Type: NTFS Drive D: | 101.79 Gb Total Space | 85.28 Gb Free Space | 83.78% Space Free | Partition Type: NTFS Computer Name: ENZO-PC | User Name: enzo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/12/26 19:08:26 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\enzo\Downloads\OTL.exe PRC - [2011/12/26 17:43:41 | 000,292,864 | ---- | M] () -- C:\Users\enzo\AppData\Roaming\Microsoft\F9A0\B67.exe PRC - [2011/12/26 12:52:25 | 000,194,048 | ---- | M] () -- C:\Users\enzo\AppData\Roaming\FE661\lvvm.exe PRC - [2011/12/26 12:51:52 | 000,177,152 | ---- | M] () -- C:\Users\enzo\AppData\Roaming\02BFE\BA3F9.exe PRC - [2011/04/28 14:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe PRC - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe PRC - [2009/09/14 20:45:35 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2009/09/14 10:37:58 | 000,672,424 | ---- | M] () -- C:\Program Files (x86)\Lexmark Z2300 Series\lxdpmon.exe PRC - [2009/09/14 10:37:58 | 000,107,176 | ---- | M] (Lexmark International Inc.) -- C:\Program Files (x86)\Lexmark Z2300 Series\ezprint.exe PRC - [2009/07/24 18:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe PRC - [2009/07/24 01:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe PRC - [2009/07/23 01:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe PRC - [2009/07/21 23:00:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\Windows\SysWOW64\brss01a.exe PRC - [2009/07/16 18:07:54 | 000,178,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe PRC - [2009/07/07 19:20:56 | 008,493,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe PRC - [2009/06/19 18:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe PRC - [2009/06/16 01:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe PRC - [2009/05/18 23:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe PRC - [2009/04/20 19:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe PRC - [2008/12/23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe PRC - [2008/08/14 05:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe PRC - [2008/08/14 04:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe PRC - [2008/07/19 03:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2007/08/08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe PRC - [2004/06/13 23:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) -- C:\Windows\SysWOW64\brsvc01a.exe ========== Modules (No Company Name) ========== MOD - [2011/12/26 17:43:41 | 000,292,864 | ---- | M] () -- C:\Users\enzo\AppData\Roaming\Microsoft\F9A0\B67.exe MOD - [2011/12/26 12:52:25 | 000,194,048 | ---- | M] () -- C:\Users\enzo\AppData\Roaming\FE661\lvvm.exe MOD - [2011/12/26 12:51:52 | 000,177,152 | ---- | M] () -- C:\Users\enzo\AppData\Roaming\02BFE\BA3F9.exe MOD - [2011/12/25 22:33:19 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll MOD - [2011/12/25 22:31:34 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll MOD - [2011/12/25 22:30:57 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll MOD - [2011/12/25 22:30:35 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll MOD - [2011/12/25 22:24:06 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll MOD - [2011/12/25 22:23:51 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll MOD - [2011/12/07 12:16:28 | 000,411,192 | ---- | M] () -- C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll MOD - [2011/12/07 12:16:27 | 003,767,864 | ---- | M] () -- C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll MOD - [2011/12/07 12:14:56 | 000,122,952 | ---- | M] () -- C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\avutil-51.dll MOD - [2011/12/07 12:14:55 | 000,222,280 | ---- | M] () -- C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\avformat-53.dll MOD - [2011/12/07 12:14:53 | 001,746,504 | ---- | M] () -- C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\avcodec-53.dll MOD - [2011/12/07 08:22:33 | 008,593,056 | ---- | M] () -- C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll MOD - [2011/12/07 08:22:33 | 008,593,056 | ---- | M] () -- C:\Users\enzo\AppData\Local\Google\Chrome\APPLIC~1\160912~1.63\gcswf32.dll MOD - [2009/09/14 10:37:58 | 000,672,424 | ---- | M] () -- C:\Program Files (x86)\Lexmark Z2300 Series\lxdpmon.exe MOD - [2009/07/24 18:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe MOD - [2009/07/23 01:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe MOD - [2009/05/14 08:35:34 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Lexmark Z2300 Series\lxdpmonr.dll MOD - [2008/08/28 00:32:36 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2008/06/09 17:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2007/08/08 16:55:30 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\Lexmark Z2300 Series\iptk.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2009/08/19 09:26:58 | 001,044,648 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdpcoms.exe -- (lxdp_device) SRV:64bit: - [2009/04/28 08:58:54 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdpserv.exe -- (lxdpCATSCustConnectService) SRV:64bit: - [2007/08/08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2011/12/14 12:23:34 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2011/06/29 14:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [Disabled | Stopped] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion) SRV - [2011/05/24 10:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Unknown | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain) SRV - [2011/04/26 13:54:12 | 002,702,848 | ---- | M] (MAGIX®) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2009/08/19 09:26:46 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxdpcoms.exe -- (lxdp_device) SRV - [2009/07/24 01:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe -- (FastBootAgent) SRV - [2009/06/16 01:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2004/06/13 23:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Running] -- C:\Windows\SysWOW64\brsvc01a.exe -- (Brother XP spl Service) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011/07/05 12:12:46 | 000,160,520 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAFLT) DRV:64bit: - [2011/04/28 13:57:43 | 000,128,072 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINPROT) DRV:64bit: - [2011/04/28 13:57:43 | 000,121,928 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINPROC) DRV:64bit: - [2011/04/28 13:57:42 | 000,149,576 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC) DRV:64bit: - [2011/04/28 13:57:42 | 000,114,760 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFILE) DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2010/10/15 21:53:08 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri) DRV:64bit: - [2010/10/15 21:52:46 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:64bit: - [2010/10/15 21:52:46 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:64bit: - [2010/08/25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/10/05 15:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009/07/20 10:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/09 09:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:64bit: - [2009/06/29 17:00:50 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet) DRV:64bit: - [2009/06/29 17:00:50 | 000,116,096 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake) DRV:64bit: - [2009/06/18 20:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby) DRV:64bit: - [2009/06/12 04:41:55 | 000,112,128 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2009/06/10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/06/09 05:38:23 | 000,055,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) DRV:64bit: - [2009/06/05 11:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV:64bit: - [2009/06/04 11:54:35 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/05/26 14:32:37 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:64bit: - [2009/05/13 02:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor) DRV:64bit: - [2009/04/09 12:38:24 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2009/03/25 16:48:00 | 000,153,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdm.sys -- (s1018mdm) DRV:64bit: - [2009/03/25 16:48:00 | 000,146,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) DRV:64bit: - [2009/03/25 16:48:00 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) DRV:64bit: - [2009/03/25 16:48:00 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018obex.sys -- (s1018obex) DRV:64bit: - [2009/03/25 16:48:00 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM) DRV:64bit: - [2009/03/25 16:48:00 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) DRV:64bit: - [2009/03/25 16:48:00 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdfl.sys -- (s1018mdfl) DRV:64bit: - [2008/12/08 16:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2008/05/24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV:64bit: - [2008/05/01 20:25:51 | 000,084,288 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K) DRV:64bit: - [2008/05/01 20:25:51 | 000,068,800 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS) DRV:64bit: - [2007/07/31 19:04:48 | 000,090,112 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl) DRV:64bit: - [2007/07/24 19:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) DRV - [2011/12/12 19:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.1und1.de/br/ie9_startpage IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.1und1.de/br/ie9_startpage IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:61071 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.2.5.2 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 61071 FF - prefs.js..network.proxy.type: 1 FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: File not found FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\enzo\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\enzo\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/03/25 16:35:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/12/26 12:10:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.16\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/12/09 10:04:26 | 000,000,000 | ---D | M] [2010/12/31 14:04:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\enzo\AppData\Roaming\mozilla\Extensions [2010/12/31 14:04:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\enzo\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011/12/26 14:37:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\enzo\AppData\Roaming\mozilla\Firefox\Profiles\vz51ttxw.default\extensions [2011/03/13 12:29:59 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\enzo\AppData\Roaming\mozilla\Firefox\Profiles\vz51ttxw.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011/12/26 14:37:14 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Users\enzo\AppData\Roaming\mozilla\Firefox\Profiles\vz51ttxw.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2011/01/14 19:07:11 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\enzo\AppData\Roaming\mozilla\Firefox\Profiles\vz51ttxw.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} [2011/01/14 19:07:10 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\enzo\AppData\Roaming\mozilla\Firefox\Profiles\vz51ttxw.default\extensions\engine@conduit.com [2011/12/26 14:37:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\enzo\AppData\Roaming\mozilla\Firefox\Profiles\vz51ttxw.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\Setup\bin\PandaSecurityTb_2.0.0.9\$[56]\extensions [2011/12/26 14:37:14 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Users\enzo\AppData\Roaming\mozilla\Firefox\Profiles\vz51ttxw.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\Setup\bin\PandaSecurityTb_2.0.0.9\$[56]\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2011/12/26 12:15:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011/06/09 18:17:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011/03/03 19:06:04 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011/03/03 19:06:04 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011/03/03 19:06:04 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011/03/03 19:06:04 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\enzo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Google Update (Enabled) = C:\Users\enzo\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\enzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\ CHR - Extension: Google-Suche = C:\Users\enzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\ CHR - Extension: Google Mail = C:\Users\enzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\ O1 HOSTS File: ([2011/12/26 12:05:49 | 000,000,825 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll () O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll () O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found. O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.) O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Z2300 Series\ezprint.exe (Lexmark International Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [lxdpmon.exe] C:\Program Files (x86)\Lexmark Z2300 Series\lxdpmon.exe () O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [EzPrint] "C:\Program Files (x86) (x86)\Lexmark Z2300 Series\ezprint.exe" File not found O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [lxdpmon.exe] "C:\Program Files (x86) (x86)\Lexmark Z2300 Series\lxdpmon.exe" File not found O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security) O4 - HKLM..\Run: [PSUNMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKCU..\Run: [B67.exe] C:\Users\enzo\AppData\Roaming\Microsoft\F9A0\B67.exe () O4 - HKCU..\Run: [F7E.exe] C:\Users\enzo\AppData\Roaming\Microsoft\89E0\F7E.exe () F3:64bit: - HKCU WinNT: Load - (C:\Users\enzo\AppData\Roaming\FE661\lvvm.exe) - C:\Users\enzo\AppData\Roaming\FE661\lvvm.exe () F3 - HKCU WinNT: Load - (C:\Users\enzo\AppData\Roaming\FE661\lvvm.exe) -C:\Users\enzo\AppData\Roaming\FE661\lvvm.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\enzo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\enzo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: IE-Spuren löschen - {6C7C0C9A-B51D-4ADB-A74D-C4E33744F866} - C:\Program Files (x86)\TraXEx\Integration\TraXEx Internet Explorer.lnk () O9 - Extra Button: Löschautomat - {8DA7743F-9274-4BE8-899E-C0FF6ED61B00} - C:\Program Files (x86)\TraXEx\Integration\TraXEx Löschautomat.lnk () O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{332535EA-4ECE-4ABB-BB2B-229849CC0810}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F9EFA5E-6344-42B2-9919-08FE22D5E752}: DhcpNameServer = 139.7.30.126 139.7.30.125 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53373220-CA15-489E-8CF1-8BC4EFC94ACF}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{728AD324-36DB-4EE4-8F2C-6C01AA0DD002}: DhcpNameServer = 139.7.30.126 139.7.30.125 O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKCU Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (C:\Users\enzo\AppData\Roaming\02BFE\BA3F9.exe) -C:\Users\enzo\AppData\Roaming\02BFE\BA3F9.exe () O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O27:64bit: - HKLM IFEO\alu.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\labelprint.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software) O27:64bit: - HKLM IFEO\olrsubmission.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software) O27:64bit: - HKLM IFEO\pccompanion.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\power2go.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software) O27:64bit: - HKLM IFEO\power2goexpress.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software) O27 - HKLM IFEO\alu.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\labelprint.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software) O27 - HKLM IFEO\olrsubmission.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software) O27 - HKLM IFEO\pccompanion.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\power2go.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software) O27 - HKLM IFEO\power2goexpress.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{283a1d7c-72ae-11e0-a0c5-90e6ba3cc499}\Shell - "" = AutoRun O33 - MountPoints2\{283a1d7c-72ae-11e0-a0c5-90e6ba3cc499}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{3646f6e4-9b3f-11e0-bd9c-bbb89a285f09}\Shell - "" = AutoRun O33 - MountPoints2\{3646f6e4-9b3f-11e0-bd9c-bbb89a285f09}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{458fd1e2-c4b8-11df-a209-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{458fd1e2-c4b8-11df-a209-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{458fd35a-c4b8-11df-a209-90e6ba3cc499}\Shell - "" = AutoRun O33 - MountPoints2\{458fd35a-c4b8-11df-a209-90e6ba3cc499}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{4da8062f-c662-11df-8804-90e6ba3cc499}\Shell - "" = AutoRun O33 - MountPoints2\{4da8062f-c662-11df-8804-90e6ba3cc499}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{4da8064f-c662-11df-8804-001e101f57d0}\Shell - "" = AutoRun O33 - MountPoints2\{4da8064f-c662-11df-8804-001e101f57d0}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\{9fe0e331-18dd-11e1-be32-cd32392a5867}\Shell - "" = AutoRun O33 - MountPoints2\{9fe0e331-18dd-11e1-be32-cd32392a5867}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.hta O33 - MountPoints2\{c60c869f-a165-11de-a550-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{c60c869f-a165-11de-a550-806e6f6e6963}\Shell\AutoRun\command - "" = E:\zdata\cobi.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/12/26 14:38:00 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\Panda Security [2011/12/26 14:37:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner [2011/12/26 14:37:19 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\panda2_0dn [2011/12/26 14:37:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security URL Filtering [2011/12/26 14:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus [2011/12/26 14:36:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security [2011/12/26 14:36:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security [2011/12/26 14:36:13 | 000,000,000 | ---D | C] -- C:\temp [2011/12/26 12:09:50 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\Seven Zip [2011/12/26 12:05:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client [2011/12/26 12:05:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2011/12/25 22:16:24 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys [2011/12/25 21:56:35 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\AntiBrowserSpy 2009 [2011/12/25 21:55:23 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\Abelssoft [2011/12/25 19:16:32 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\FreeFixer [2011/12/25 19:16:31 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\FreeFixer [2011/12/25 19:16:24 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFixer [2011/12/25 18:39:45 | 000,000,000 | ---D | C] -- C:\ProgramData\S.N.Safe&Software [2011/12/25 18:39:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SnS Soft [2011/12/25 14:57:59 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\Ashampoo [2011/12/25 14:54:52 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2011/12/25 14:54:52 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2011/12/25 14:54:52 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2011/12/25 14:54:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012 [2011/12/25 14:54:36 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\TuneUp Software [2011/12/25 14:54:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2012 [2011/12/25 14:53:30 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2011/12/25 14:53:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2011/12/25 13:11:34 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011/12/24 12:26:46 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\Sony Corporation [2011/12/24 12:26:21 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\Sony [2011/12/24 12:25:56 | 000,000,000 | ---D | C] -- C:\Users\enzo\Podcasts [2011/12/24 12:25:56 | 000,000,000 | ---D | C] -- C:\Users\enzo\Documents\Media Go [2011/12/24 12:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2011/12/24 12:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sony Shared [2011/12/24 12:22:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TraXEx 3.3 [2011/12/24 12:22:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TraXEx [2011/12/24 12:19:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Media Go Install [2011/12/24 12:17:27 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\Sony [2011/12/24 12:17:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WALKMAN Guide [2011/12/24 12:15:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation [2011/12/24 12:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony [2011/12/23 17:47:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LP [2011/12/23 00:42:16 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\FE661 [2011/12/23 00:41:41 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\02BFE [2011/12/19 17:59:46 | 000,000,000 | ---D | C] -- C:\Users\enzo\Tracing [2011/12/18 19:45:50 | 000,000,000 | ---D | C] -- C:\Users\enzo\Documents\MAGIX Downloads [2011/12/18 19:45:50 | 000,000,000 | ---D | C] -- C:\Users\enzo\Documents\MAGIX [2011/12/18 19:04:11 | 000,000,000 | RHSD | C] -- C:\Users\enzo\M-1-25-5432-6437-5685 [2011/12/18 18:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX [2011/12/18 18:52:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX [2011/11/27 23:36:19 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\MAGIX_AG [2011/11/27 22:48:51 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\MAGIX [2011/11/27 22:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Shared [2011/11/27 22:43:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services [2011/11/27 19:48:47 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\MAGIX [2011/11/27 19:48:41 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\Xara [2011/11/27 19:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX [2011/11/27 19:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2011/07/30 14:58:52 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdppmui.dll [2011/07/30 14:58:52 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpinpa.dll [2011/07/30 14:58:52 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpiesc.dll [2011/07/30 14:58:51 | 001,101,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpserv.dll [2011/07/30 14:58:51 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpcomc.dll [2011/07/30 14:58:51 | 000,843,776 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpusb1.dll [2011/07/30 14:58:51 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdphbn3.dll [2011/07/30 14:58:51 | 000,594,600 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpcoms.exe [2011/07/30 14:58:51 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdplmpm.dll [2011/07/30 14:58:51 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpcomm.dll [2011/07/30 14:58:51 | 000,365,224 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpcfg.exe [2011/07/30 14:58:51 | 000,320,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpih.exe [2011/07/30 14:58:51 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpprox.dll [2008/08/12 05:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll [8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/12/26 19:07:49 | 000,000,000 | ---- | M] () -- C:\Users\enzo\defogger_reenable [2011/12/26 18:20:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job [2011/12/26 15:20:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job [2011/12/26 14:37:03 | 000,000,276 | ---- | M] () -- C:\Windows\SysNative\PSUNCpl.dat [2011/12/26 12:58:34 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/12/26 12:58:34 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/12/26 12:50:10 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job [2011/12/26 12:50:10 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job [2011/12/26 12:50:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/12/26 12:49:55 | 3193,765,888 | -HS- | M] () -- C:\hiberfil.sys [2011/12/26 12:21:02 | 000,376,574 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat [2011/12/26 12:21:02 | 000,351,112 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/12/26 12:21:02 | 000,235,906 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat [2011/12/26 12:21:02 | 000,050,480 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat [2011/12/26 12:21:02 | 000,043,458 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/12/26 12:21:02 | 000,037,464 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat [2011/12/26 12:21:02 | 000,006,592 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat [2011/12/26 12:21:02 | 000,006,592 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat [2011/12/26 12:21:02 | 000,006,592 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat [2011/12/26 12:21:02 | 000,006,592 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat [2011/12/26 12:21:02 | 000,006,592 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat [2011/12/26 12:21:02 | 000,006,592 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/12/26 12:21:02 | 000,005,300 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat [2011/12/26 12:21:02 | 000,005,300 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat [2011/12/26 12:21:02 | 000,005,300 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat [2011/12/26 12:21:02 | 000,005,300 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat [2011/12/26 12:21:02 | 000,005,300 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat [2011/12/26 12:21:02 | 000,005,300 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/12/26 12:07:18 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif [2011/12/26 12:05:56 | 000,002,314 | ---- | M] () -- C:\Users\enzo\Desktop\Google Chrome.lnk [2011/12/26 12:05:07 | 004,934,902 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011/12/26 12:05:07 | 001,505,372 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011/12/26 12:05:07 | 001,265,808 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/12/25 22:16:24 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys [2011/12/25 19:43:55 | 001,237,312 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/12/25 13:07:38 | 000,566,032 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/12/24 12:22:34 | 000,001,121 | -H-- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TraXEx PC-Putzer.lnk [2011/12/20 21:36:44 | 000,010,268 | ---- | M] () -- C:\Users\enzo\Documents\pvc.odt [2011/12/18 20:35:17 | 000,196,608 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2011/12/18 19:31:53 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Foto Premium MX (Starter).lnk [2011/12/18 00:33:17 | 000,024,697 | ---- | M] () -- C:\Users\enzo\Documents\Hund.odt [2011/12/17 23:23:13 | 000,007,609 | ---- | M] () -- C:\Users\enzo\AppData\Local\Resmon.ResmonCfg [2011/12/14 22:20:27 | 000,012,690 | ---- | M] () -- C:\Users\enzo\Documents\Tierärzte.odt [2011/12/14 12:23:40 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2011/12/14 12:23:22 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2011/12/14 12:23:22 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2011/12/11 09:29:22 | 000,014,888 | ---- | M] () -- C:\Users\enzo\Documents\kaufvertrag Garten.odt [2011/12/09 15:29:12 | 000,048,374 | ---- | M] () -- C:\Users\enzo\Documents\danny.odt [2011/11/29 18:51:11 | 000,022,516 | ---- | M] () -- C:\Users\enzo\Documents\Bed Head.odt [8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/12/26 19:07:49 | 000,000,000 | ---- | C] () -- C:\Users\enzo\defogger_reenable [2011/12/26 14:37:03 | 000,000,276 | ---- | C] () -- C:\Windows\SysNative\PSUNCpl.dat [2011/12/26 12:07:18 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif [2011/12/26 12:05:07 | 001,265,808 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/12/26 12:05:02 | 000,001,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2011/12/25 14:54:48 | 000,002,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk [2011/12/25 13:11:36 | 000,002,314 | ---- | C] () -- C:\Users\enzo\Desktop\Google Chrome.lnk [2011/12/24 12:22:34 | 000,001,121 | -H-- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TraXEx PC-Putzer.lnk [2011/12/20 21:36:42 | 000,010,268 | ---- | C] () -- C:\Users\enzo\Documents\pvc.odt [2011/12/18 19:31:53 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Foto Premium MX (Starter).lnk [2011/12/17 23:58:41 | 000,024,697 | ---- | C] () -- C:\Users\enzo\Documents\Hund.odt [2011/12/17 23:23:13 | 000,007,609 | ---- | C] () -- C:\Users\enzo\AppData\Local\Resmon.ResmonCfg [2011/12/14 22:20:25 | 000,012,690 | ---- | C] () -- C:\Users\enzo\Documents\Tierärzte.odt [2011/12/09 15:29:10 | 000,048,374 | ---- | C] () -- C:\Users\enzo\Documents\danny.odt [2011/12/08 11:44:59 | 000,014,888 | ---- | C] () -- C:\Users\enzo\Documents\kaufvertrag Garten.odt [2011/07/30 14:58:52 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\LXDPinst.dll [2011/07/30 14:58:52 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxdpcomx.dll [2011/06/08 16:29:49 | 000,000,000 | ---- | C] () -- C:\Users\enzo\AppData\Local\SiDiary6W32.run [2011/05/27 19:33:40 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini [2011/05/27 19:33:39 | 000,000,521 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011/05/27 19:33:39 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2010/09/24 19:47:38 | 000,000,600 | ---- | C] () -- C:\Users\enzo\AppData\Roaming\winscp.rnd [2010/09/20 14:35:09 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2010/08/25 19:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin [2010/08/25 19:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2010/08/25 19:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin [2010/08/25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2010/08/25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2009/09/14 20:45:29 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll [2009/08/19 09:33:09 | 000,018,432 | ---- | C] () -- C:\Windows\OOBEPlayer.exe [2009/08/19 09:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\OOBEPlayer.ini [2009/07/29 06:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini [2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/07/03 02:40:27 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin [2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2009/04/08 18:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll [2008/05/22 16:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg [2007/04/27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll ========== LOP Check ========== [2011/12/26 14:32:05 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\02BFE [2011/12/25 21:56:35 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\AntiBrowserSpy 2009 [2011/01/14 19:09:08 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\Battle Tanks [2011/10/03 12:26:36 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011/11/13 13:51:12 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\coupons [2011/02/07 22:59:47 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1 [2011/11/19 14:37:25 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\DVDVideoSoft [2011/03/13 12:29:59 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\DVDVideoSoftIEHelpers [2011/12/26 12:52:25 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\FE661 [2011/12/25 19:18:19 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\FreeFixer [2010/09/24 19:54:14 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\Hunspell [2011/12/20 10:33:15 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\MAGIX [2011/10/04 02:35:47 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\Meine Traffic [2011/07/03 16:37:45 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\NetSpeedMonitor [2011/05/31 20:50:24 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\OpenOffice.org [2011/12/26 14:38:00 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\Panda Security [2011/12/24 12:25:54 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\Sony [2011/10/03 12:24:38 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010/12/31 14:04:11 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\Thunderbird [2011/12/25 14:54:36 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\TuneUp Software [2010/09/20 14:21:39 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\Vodafone [2011/12/26 12:50:10 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job [2011/12/26 12:50:10 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job [2011/12/25 13:07:03 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < GMER 1.0.15.15641 - hxxp://www.gmer.net > Invalid Switch: www.gmer.net < Rootkit scan 2011-12-26 16:22:45 > < Windows 6.1.7601 Service Pack 1 > < Running: l8z7uzox.exe > < > < > < ---- Registry - GMER 1.0.15 ---- > < > < Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export ?????{??????????? ???????????????????v????"?????p???????94??USB\VID_05E3&PID_0727&REV_0207?USB\VID_05E3&PID_0727????el???????????E???e??? n?????????????????????????? ??????????????s????????????????????????????????????????????????-???-???????-???????????????????f????????????$??????0??????????ROOT\*6TO4MP\0002????????y?????????d?????????.???????????????????????i???h???????????????????e???????g???????y???=??????ti??????#???nettun.inf??????? ??????????????????6to4mp.ndi??=1??? ???y???i?????ft????????????B???????-???????????????????z???n????????????`?????????????? ??????????????n???6.1.7600.16385??????? P???????????????????*?????? ????d|? ??? .?????????????????Microsoft-6zu4-Adapter???????????z??????????????????????????????????"???? ???????????????????-??????????`???????????{43E2E25F-5E57-4E46-9E89-5311F3AD5361}??????TCPIP6TUNNEL?Tcpip6?????\Device\{43E2E25F-5E57-4E46-9E89-5311F3AD5361}??0c??? ???????????????????6??????????<????????????? > < ???z???????e????<??????f??????Microsoft-6zu4-Adaptertreiber???? ????????????? > < Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export ????BT??? ???????????????????????????????????????????????????????????????????????????????e???y??*6to4mp?????? ???????'????????????????x?????????????????? ?????????????????????0????????????????????????????????????????? ???????Z?????????????0??????????*?&???????????????????????????????e ???c??Microsoft?????&?????????????volume_install??4_??????os??t????????????????????????????????????t???????????????????????????7?????????t25??????????*6to4mp??%??? ???????????????????7??????????@volsnap.inf,%storage\volumesnapshot.devicedesc%;Standard-Volumeschattenkopie???@disk.inf,%disk_devdesc%;Laufwerk???4.50.3.8????????????? ??????????????????????????????????????????????????????????????????????Microsoft???Typ?81??? ??????????????????????????????????<?????????????????????????????????????????????????????N??????s????Ddis?????????????????s????LAN-Verbindung* 30???????????????? ??????T????????????J??????_??????????Netzwerkadresse??????????j???f??p????? > < ???????i??????????????\\?\USBSTOR#CdRom&Ven_Vodafone&Prod_CD_ROM_(Huawei)&Rev > < Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Export ???i????????????????}"????8??i????????h??????T?U?i?[?s???i???????????????j??????????????????????t???system32\DRIVERS\mrxsmb20.sys?????????????N?????????????????????????????????volsnap?????disk????? ???????j?????i?????i???????????????????????\???????????v??????c%??? ???????i???????????j??????????N????????????????.???????e??volsnap????????????????????????????s?????i???????????z??????????P6???i??????s????????????0?????????????????????s????.NT??n???????i??????????????_m??@netrasa.inf,%msft%;Microsoft????i???????????????????????????????????????j?j????????????????????????????????????????????????x???FltMgr???????o?o?l??root\swenum??e????N??i????????D?????{71a27cdd-812a-11d0-bec7-08002be2092f}???????????????????????????????i??USB??e???i????????????????????N??????????????????????n???????i???????????????????i?????i?????????????????????????i???????????i?i?????????????????????????i??????????6.1.7600.16385???????i?i?????????????a??ar????8??i???v > < ??es??Microsoft Composite Battery?0a???i?i0a???????????????????????i???4????? > < Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Export ???i?o???i??blbdrive.inf:MSFT.NTamd64:blbdrive_device:6.1.7600.16385:root\blbdrive?5:r???????????????????????i???????????????????????????????????????i???3???????????3???i?i?i???????????????3???????i??????????6.1.7600.16385??6.???i?i?i????????????????????,??i???e??????File as Volume Driver????i?i?i???????????3???????????i??????????blbdrive.inf?????i?i?i???????????3???????? ??i??????????blbdrive_device??3???i?i?i???????????3???????????i??????????.NT??3???i?i?i???????????3???3???????i???3??????root\blbdrive????i?i?i???????????3???????????i??????????Microsoft????i?i?i???????????????????????????????????i?i?i???????V???????e??LegacyDriver?3???????????????????????????.???2??????6-21-2006????????i??????s????i?i?i???????????i??????Volume??????*ntkern??????????????????????.???t???????????????g??????s????????i???b??sC??????????? ?????s????????????????????s???????s ???????????n??????nettun.inf????????N??????F????DY-E???i???????i???????????????? > < ????h??k?????g???????? ????-?????s4C??LegacyDriver?2??LegacyDriver?5???????i? > < > < ---- EOF - GMER 1.0.15 ---- > < End of report > --- --- ---OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 12/26/2011 7:10:32 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\enzo\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.97 Gb Total Physical Memory | 1.75 Gb Available Physical Memory | 44.14% Memory free
7.93 Gb Paging File | 5.81 Gb Available in Paging File | 73.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.45 Gb Total Space | 59.50 Gb Free Space | 51.09% Space Free | Partition Type: NTFS
Drive D: | 101.79 Gb Total Space | 85.28 Gb Free Space | 83.78% Space Free | Partition Type: NTFS
Computer Name: ENZO-PC | User Name: enzo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AutoUpdateDisableNotify" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear Hybrid
"{3768263E-8BE8-4CEF-9463-6D36F731824B}" = Windows Live Family Safety
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{50431EE1-C1CC-4AE7-BDE3-B60536E7BA92}" = Panda Cloud Antivirus
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"Elantech" = ETDWare PS/2-x64 7.0.5.5_WHQL
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Lexmark Z2300 Series" = Lexmark Z2300 Series
"Microsoft Security Client" = Microsoft Security Essentials
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}" = Media Go
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5DEBDBF3-5AEC-4B61-B7FC-0C48CF62473C}" = MAGIX Foto Premium MX
"{60D6618B-153F-4353-8185-908E676E5888}" = ASUS FancyStart
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C96D3B-F9D2-4A0C-81F7-FBED6C75CE77}" = SiDiary 6
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-0120-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A16656CE-4B17-4484-A13F-22B9500E5223}" = Fast Boot
"{A4D58206-7E8F-41F2-BD94-85009F3AEA28}" = NWZ-E460 WALKMAN Guide
"{A94CA235-0C9B-475D-8018-50DDC0E3867C}" = MAGIX Foto & Grafik Designer 7
"{AFD37E69-EA05-367C-1855-182094DDC84E}" = myphotobook.de
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C38DAF06-0274-4C12-AE3A-AE1B4E75B8F4}" = MAGIX Speed burnR (MSI)
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.217
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FDC9D4AE-1A9C-4206-ACBF-3A073C6443DC}" = MAGIX Screenshare
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = myphotobook.de
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"MAGIX_MSI_Foto_Grafik_Designer_7_FPMX" = MAGIX Foto & Grafik Designer 7
"MAGIX_MSI_Foto_Premium_MX" = MAGIX Foto Premium MX
"MediaMonkey_is1" = MediaMonkey 3.2
"MeineTraffic" = Meine Traffic 2.20
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"Mozilla Thunderbird (3.1.16)" = Mozilla Thunderbird (3.1.16)
"Panda Cloud Antivirus" = Panda Cloud Antivirus
"Panda Security URL Filtering" = Panda Security URL Filtering
"pandasecuritytb" = Panda Security Toolbar
"ST6UNST #1" = Read Router Traffic
"Toolbar Cleaner" = Toolbar Cleaner 1.0
"TraXEx_is1" = TraXEx 3.3
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Uninstall_is1" = Uninstall 1.0.0.1
"VueScan" = VueScan
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Glucofacts Deluxe Updater 2.0" = Glucofacts Deluxe Updater 2.0
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12/26/2011 7:14:25 AM | Computer Name = enzo-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary
Spyware Terminator Driver Filter. System Error: Das System kann die angegebene Datei
nicht finden. .
Error - 12/26/2011 7:20:25 AM | Computer Name = enzo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 12/26/2011 7:20:25 AM | Computer Name = enzo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 12/26/2011 7:21:02 AM | Computer Name = enzo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 12/26/2011 7:24:24 AM | Computer Name = enzo-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 12/26/2011 7:24:26 AM | Computer Name = enzo-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 12/26/2011 8:23:27 AM | Computer Name = enzo-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 12/26/2011 8:23:40 AM | Computer Name = enzo-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description =
Error - 12/26/2011 12:26:03 PM | Computer Name = enzo-PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft
security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
files\microsoft security client\MSESysprep.dll" in Zeile 10. Das imaging-Element
wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements
angezeigt, das von dieser Windows-Version nicht unterstützt wird.
Error - 12/26/2011 12:29:26 PM | Computer Name = enzo-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\messenger\wlcsdk.exe". Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ System Events ]
Error - 12/26/2011 7:50:17 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1060
Error - 12/26/2011 7:50:18 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist
von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
Error - 12/26/2011 7:50:25 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
lxdpCATSCustConnectService erreicht.
Error - 12/26/2011 7:50:25 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxdpCATSCustConnectService" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 12/26/2011 7:50:35 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig:
BFE. Dieser Dienst ist eventuell nicht installiert.
Error - 12/26/2011 7:50:35 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "PRTG Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 12/26/2011 7:50:35 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "PRTG Watchdog" wurde aufgrund folgenden Fehlers nicht
gestartet: %%2
Error - 12/26/2011 7:50:35 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist von folgendem
Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
Error - 12/26/2011 7:51:27 AM | Computer Name = enzo-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion. Funktion: %%835 Fehlercode:
0x80004005 Fehlerbeschreibung: Unbekannter Fehler Ursache: %%842
Error - 12/26/2011 9:37:02 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "Panda Cloud Antivirus Service" ist als interaktiver Dienst
gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste
nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
< End of report >
|
|
27.12.2011, 00:12
| #4 |
| /// Selecta Jahrusso | Inernetseiten werden falsch angezeigtMein Name ist Daniel und ich werde dir mit deinem Malware Relevanten Problemen helfen. Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Vista und Win7 User Alle Tools mit Rechtsklick "als Administrator ausführen" starten. Was hast du bitte in die Benutzerdefinierte Scan / Fixes Box kopiert ? Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit. Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen. Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste in deiner nächsten Antwort aswMBR.txt TDSSKiller Log
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
27.12.2011, 07:47
| #5 |
| | Inernetseiten werden falsch angezeigt Danke das du mir hilfst! aswMBR version 0.9.9.1120 Copyright(c) 2011 AVAST Software Run date: 2011-12-27 07:41:23 ----------------------------- 07:41:23.134 OS Version: Windows x64 6.1.7601 Service Pack 1 07:41:23.135 Number of processors: 2 586 0x170A 07:41:23.135 ComputerName: ENZO-PC UserName: enzo 07:41:25.022 Initialize success 07:41:51.181 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 07:41:51.186 Disk 0 Vendor: ST925031 0002 Size: 238475MB BusType: 3 07:41:51.198 Disk 0 MBR read successfully 07:41:51.202 Disk 0 MBR scan 07:41:51.205 Disk 0 Windows VISTA default MBR code 07:41:51.220 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 14997 MB offset 2048 07:41:51.239 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119240 MB offset 30715904 07:41:51.244 Disk 0 Partition - 00 0F Extended LBA 104234 MB offset 274920345 07:41:51.273 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 104234 MB offset 274920408 07:41:51.282 Service scanning 07:41:54.038 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32 07:41:56.955 Modules scanning 07:41:56.961 Disk 0 trace - called modules: 07:41:56.968 07:41:56.978 Scan finished successfully 07:42:18.361 Disk 0 MBR has been saved successfully to "C:\Users\enzo\Downloads\MBR.dat" 07:42:18.375 The log file has been saved successfully to "C:\Users\enzo\Downloads\aswMBR.txt" 07:43:54.0811 3672 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16 07:43:54.0956 3672 ============================================================ 07:43:54.0956 3672 Current date / time: 2011/12/27 07:43:54.0956 07:43:54.0956 3672 SystemInfo: 07:43:54.0956 3672 07:43:54.0956 3672 OS Version: 6.1.7601 ServicePack: 1.0 07:43:54.0956 3672 Product type: Workstation 07:43:54.0956 3672 ComputerName: ENZO-PC 07:43:54.0956 3672 UserName: enzo 07:43:54.0956 3672 Windows directory: C:\Windows 07:43:54.0956 3672 System windows directory: C:\Windows 07:43:54.0956 3672 Running under WOW64 07:43:54.0957 3672 Processor architecture: Intel x64 07:43:54.0957 3672 Number of processors: 2 07:43:54.0957 3672 Page size: 0x1000 07:43:54.0957 3672 Boot type: Normal boot 07:43:54.0957 3672 ============================================================ 07:43:55.0747 3672 Initialize success 07:44:00.0890 2912 ============================================================ 07:44:00.0890 2912 Scan started 07:44:00.0890 2912 Mode: Manual; 07:44:00.0890 2912 ============================================================ 07:44:01.0540 2912 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 07:44:01.0544 2912 1394ohci - ok 07:44:01.0607 2912 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 07:44:01.0613 2912 ACPI - ok 07:44:01.0727 2912 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 07:44:01.0728 2912 AcpiPmi - ok 07:44:01.0793 2912 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 07:44:01.0801 2912 adp94xx - ok 07:44:01.0897 2912 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 07:44:01.0904 2912 adpahci - ok 07:44:01.0957 2912 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 07:44:01.0961 2912 adpu320 - ok 07:44:02.0057 2912 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys 07:44:02.0065 2912 AFD - ok 07:44:02.0130 2912 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 07:44:02.0145 2912 agp440 - ok 07:44:02.0279 2912 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 07:44:02.0284 2912 aliide - ok 07:44:02.0402 2912 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 07:44:02.0404 2912 amdide - ok 07:44:02.0466 2912 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 07:44:02.0467 2912 AmdK8 - ok 07:44:02.0491 2912 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 07:44:02.0492 2912 AmdPPM - ok 07:44:02.0553 2912 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 07:44:02.0556 2912 amdsata - ok 07:44:02.0607 2912 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 07:44:02.0611 2912 amdsbs - ok 07:44:02.0650 2912 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 07:44:02.0652 2912 amdxata - ok 07:44:02.0673 2912 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS 07:44:02.0674 2912 AmUStor - ok 07:44:02.0727 2912 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 07:44:02.0728 2912 AppID - ok 07:44:02.0828 2912 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 07:44:02.0831 2912 arc - ok 07:44:02.0856 2912 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 07:44:02.0859 2912 arcsas - ok 07:44:02.0929 2912 ASMMAP64 (2db34edd17d3a8da7105a19c95a3dd68) C:\Program Files\ATKGFNEX\ASMMAP64.sys 07:44:02.0931 2912 ASMMAP64 - ok 07:44:03.0023 2912 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 07:44:03.0024 2912 AsyncMac - ok 07:44:03.0083 2912 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 07:44:03.0085 2912 atapi - ok 07:44:03.0165 2912 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys 07:44:03.0199 2912 athr - ok 07:44:03.0360 2912 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 07:44:03.0368 2912 b06bdrv - ok 07:44:03.0433 2912 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 07:44:03.0438 2912 b57nd60a - ok 07:44:03.0519 2912 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 07:44:03.0520 2912 Beep - ok 07:44:03.0551 2912 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 07:44:03.0552 2912 blbdrive - ok 07:44:03.0604 2912 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 07:44:03.0616 2912 bowser - ok 07:44:03.0660 2912 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 07:44:03.0661 2912 BrFiltLo - ok 07:44:03.0677 2912 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 07:44:03.0678 2912 BrFiltUp - ok 07:44:03.0799 2912 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 07:44:03.0805 2912 Brserid - ok 07:44:03.0840 2912 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 07:44:03.0841 2912 BrSerWdm - ok 07:44:03.0859 2912 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 07:44:03.0860 2912 BrUsbMdm - ok 07:44:03.0981 2912 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 07:44:03.0981 2912 BrUsbSer - ok 07:44:04.0012 2912 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 07:44:04.0014 2912 BTHMODEM - ok 07:44:04.0062 2912 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 07:44:04.0073 2912 cdfs - ok 07:44:04.0140 2912 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 07:44:04.0143 2912 cdrom - ok 07:44:04.0266 2912 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 07:44:04.0267 2912 circlass - ok 07:44:04.0308 2912 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 07:44:04.0315 2912 CLFS - ok 07:44:04.0468 2912 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 07:44:04.0469 2912 CmBatt - ok 07:44:04.0513 2912 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 07:44:04.0515 2912 cmdide - ok 07:44:04.0616 2912 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys 07:44:04.0624 2912 CNG - ok 07:44:04.0674 2912 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 07:44:04.0676 2912 Compbatt - ok 07:44:04.0732 2912 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 07:44:04.0733 2912 CompositeBus - ok 07:44:04.0844 2912 connctfy - ok 07:44:04.0876 2912 connctfyMP - ok 07:44:04.0917 2912 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 07:44:04.0920 2912 crcdisk - ok 07:44:05.0061 2912 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 07:44:05.0073 2912 DfsC - ok 07:44:05.0124 2912 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 07:44:05.0125 2912 discache - ok 07:44:05.0186 2912 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 07:44:05.0188 2912 Disk - ok 07:44:05.0272 2912 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 07:44:05.0273 2912 drmkaud - ok 07:44:05.0334 2912 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 07:44:05.0374 2912 DXGKrnl - ok 07:44:05.0494 2912 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 07:44:05.0596 2912 ebdrv - ok 07:44:05.0691 2912 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 07:44:05.0700 2912 elxstor - ok 07:44:05.0737 2912 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 07:44:05.0738 2912 ErrDev - ok 07:44:05.0798 2912 ETD (5cd1005b9bc241c3ab8501d5fbf09fd4) C:\Windows\system32\DRIVERS\ETD.sys 07:44:05.0801 2912 ETD - ok 07:44:05.0893 2912 ewusbnet (251af86e0a4ddf3a6b181ed5103b06b1) C:\Windows\system32\DRIVERS\ewusbnet.sys 07:44:05.0896 2912 ewusbnet - ok 07:44:05.0940 2912 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 07:44:05.0954 2912 exfat - ok 07:44:06.0001 2912 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 07:44:06.0006 2912 fastfat - ok 07:44:06.0049 2912 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 07:44:06.0050 2912 fdc - ok 07:44:06.0090 2912 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 07:44:06.0092 2912 FileInfo - ok 07:44:06.0113 2912 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 07:44:06.0125 2912 Filetrace - ok 07:44:06.0154 2912 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 07:44:06.0155 2912 flpydisk - ok 07:44:06.0200 2912 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 07:44:06.0206 2912 FltMgr - ok 07:44:06.0248 2912 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 07:44:06.0260 2912 FsDepends - ok 07:44:06.0303 2912 fssfltr (5814011b2f6e088e29d689b5fcd49b8f) C:\Windows\system32\DRIVERS\fssfltr.sys 07:44:06.0306 2912 fssfltr - ok 07:44:06.0329 2912 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 07:44:06.0332 2912 Fs_Rec - ok 07:44:06.0373 2912 FTDIBUS (0f210048c6bfbfbc0f50816bce40b575) C:\Windows\system32\drivers\ftdibus.sys 07:44:06.0376 2912 FTDIBUS - ok 07:44:06.0440 2912 FTSER2K (814f098b02095814a8bebbf86d13fc90) C:\Windows\system32\drivers\ftser2k.sys 07:44:06.0443 2912 FTSER2K - ok 07:44:06.0502 2912 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 07:44:06.0506 2912 fvevol - ok 07:44:06.0532 2912 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 07:44:06.0547 2912 gagp30kx - ok 07:44:06.0578 2912 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys 07:44:06.0578 2912 ggflt - ok 07:44:06.0625 2912 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys 07:44:06.0625 2912 ggsemc - ok 07:44:06.0673 2912 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 07:44:06.0674 2912 hcw85cir - ok 07:44:06.0740 2912 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 07:44:06.0745 2912 HdAudAddService - ok 07:44:06.0831 2912 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 07:44:06.0834 2912 HDAudBus - ok 07:44:06.0861 2912 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 07:44:06.0862 2912 HidBatt - ok 07:44:06.0893 2912 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 07:44:06.0895 2912 HidBth - ok 07:44:06.0916 2912 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 07:44:06.0917 2912 HidIr - ok 07:44:06.0970 2912 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys 07:44:06.0971 2912 HidUsb - ok 07:44:06.0999 2912 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 07:44:07.0002 2912 HpSAMD - ok 07:44:07.0050 2912 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 07:44:07.0061 2912 HTTP - ok 07:44:07.0124 2912 hwdatacard (4b5c07db91a0099272faae732e1152bd) C:\Windows\system32\DRIVERS\ewusbmdm.sys 07:44:07.0126 2912 hwdatacard - ok 07:44:07.0171 2912 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 07:44:07.0172 2912 hwpolicy - ok 07:44:07.0231 2912 hwusbfake (9c13a2691ac410cc7469f298684dca5d) C:\Windows\system32\DRIVERS\ewusbfake.sys 07:44:07.0234 2912 hwusbfake - ok 07:44:07.0284 2912 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 07:44:07.0286 2912 i8042prt - ok 07:44:07.0378 2912 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys 07:44:07.0381 2912 iaStor - ok 07:44:07.0460 2912 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 07:44:07.0468 2912 iaStorV - ok 07:44:07.0727 2912 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys 07:44:07.0951 2912 igfx - ok 07:44:08.0073 2912 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 07:44:08.0076 2912 iirsp - ok 07:44:08.0143 2912 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 07:44:08.0146 2912 intelide - ok 07:44:08.0221 2912 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 07:44:08.0222 2912 intelppm - ok 07:44:08.0261 2912 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 07:44:08.0264 2912 IpFilterDriver - ok 07:44:08.0299 2912 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 07:44:08.0300 2912 IPMIDRV - ok 07:44:08.0345 2912 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 07:44:08.0348 2912 IPNAT - ok 07:44:08.0368 2912 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 07:44:08.0369 2912 IRENUM - ok 07:44:08.0405 2912 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 07:44:08.0407 2912 isapnp - ok 07:44:08.0459 2912 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 07:44:08.0464 2912 iScsiPrt - ok 07:44:08.0555 2912 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 07:44:08.0557 2912 kbdclass - ok 07:44:08.0611 2912 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 07:44:08.0612 2912 kbdhid - ok 07:44:08.0672 2912 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys 07:44:08.0674 2912 kbfiltr - ok 07:44:08.0737 2912 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys 07:44:08.0740 2912 KSecDD - ok 07:44:08.0781 2912 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys 07:44:08.0781 2912 KSecPkg - ok 07:44:08.0828 2912 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 07:44:08.0828 2912 ksthunk - ok 07:44:08.0906 2912 L1E (1541d77d3eb41177bd7026d49948aa95) C:\Windows\system32\DRIVERS\L1E62x64.sys 07:44:08.0907 2912 L1E - ok 07:44:08.0962 2912 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 07:44:08.0963 2912 lltdio - ok 07:44:09.0095 2912 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 07:44:09.0098 2912 LSI_FC - ok 07:44:09.0142 2912 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 07:44:09.0145 2912 LSI_SAS - ok 07:44:09.0164 2912 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 07:44:09.0166 2912 LSI_SAS2 - ok 07:44:09.0233 2912 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 07:44:09.0236 2912 LSI_SCSI - ok 07:44:09.0295 2912 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 07:44:09.0298 2912 luafv - ok 07:44:09.0325 2912 lullaby (085435ae1a124361304044029b5cc644) C:\Windows\system32\DRIVERS\lullaby.sys 07:44:09.0327 2912 lullaby - ok 07:44:09.0503 2912 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 07:44:09.0505 2912 megasas - ok 07:44:09.0532 2912 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 07:44:09.0538 2912 MegaSR - ok 07:44:09.0564 2912 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 07:44:09.0565 2912 Modem - ok 07:44:09.0596 2912 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 07:44:09.0597 2912 monitor - ok 07:44:09.0653 2912 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 07:44:09.0655 2912 mouclass - ok 07:44:09.0692 2912 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 07:44:09.0693 2912 mouhid - ok 07:44:09.0741 2912 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 07:44:09.0744 2912 mountmgr - ok 07:44:09.0828 2912 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys 07:44:09.0844 2912 MpFilter - ok 07:44:09.0881 2912 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 07:44:09.0896 2912 mpio - ok 07:44:09.0928 2912 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys 07:44:09.0943 2912 MpNWMon - ok 07:44:09.0990 2912 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 07:44:09.0992 2912 mpsdrv - ok 07:44:10.0034 2912 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 07:44:10.0046 2912 MRxDAV - ok 07:44:10.0092 2912 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 07:44:10.0106 2912 mrxsmb - ok 07:44:10.0153 2912 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 07:44:10.0169 2912 mrxsmb10 - ok 07:44:10.0214 2912 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 07:44:10.0226 2912 mrxsmb20 - ok 07:44:10.0268 2912 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 07:44:10.0271 2912 msahci - ok 07:44:10.0295 2912 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 07:44:10.0299 2912 msdsm - ok 07:44:10.0358 2912 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 07:44:10.0367 2912 Msfs - ok 07:44:10.0386 2912 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 07:44:10.0387 2912 mshidkmdf - ok 07:44:10.0429 2912 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 07:44:10.0432 2912 msisadrv - ok 07:44:10.0523 2912 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 07:44:10.0524 2912 MSKSSRV - ok 07:44:10.0560 2912 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 07:44:10.0561 2912 MSPCLOCK - ok 07:44:10.0578 2912 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 07:44:10.0579 2912 MSPQM - ok 07:44:10.0628 2912 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 07:44:10.0634 2912 MsRPC - ok 07:44:10.0672 2912 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 07:44:10.0673 2912 mssmbios - ok 07:44:10.0716 2912 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 07:44:10.0717 2912 MSTEE - ok 07:44:10.0744 2912 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 07:44:10.0745 2912 MTConfig - ok 07:44:10.0829 2912 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys 07:44:10.0831 2912 MTsensor - ok 07:44:10.0871 2912 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 07:44:10.0874 2912 Mup - ok 07:44:10.0997 2912 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 07:44:11.0013 2912 NativeWifiP - ok 07:44:11.0080 2912 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 07:44:11.0103 2912 NDIS - ok 07:44:11.0211 2912 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 07:44:11.0212 2912 NdisCap - ok 07:44:11.0255 2912 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 07:44:11.0256 2912 NdisTapi - ok 07:44:11.0318 2912 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 07:44:11.0319 2912 Ndisuio - ok 07:44:11.0368 2912 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 07:44:11.0371 2912 NdisWan - ok 07:44:11.0422 2912 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 07:44:11.0423 2912 NDProxy - ok 07:44:11.0459 2912 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 07:44:11.0469 2912 NetBIOS - ok 07:44:11.0509 2912 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 07:44:11.0514 2912 NetBT - ok 07:44:11.0555 2912 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 07:44:11.0558 2912 nfrd960 - ok 07:44:11.0608 2912 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 07:44:11.0612 2912 NisDrv - ok 07:44:11.0671 2912 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 07:44:11.0683 2912 Npfs - ok 07:44:11.0708 2912 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 07:44:11.0709 2912 nsiproxy - ok 07:44:11.0787 2912 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 07:44:11.0833 2912 Ntfs - ok 07:44:11.0899 2912 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 07:44:11.0900 2912 Null - ok 07:44:11.0974 2912 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 07:44:11.0978 2912 nvraid - ok 07:44:11.0999 2912 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 07:44:12.0003 2912 nvstor - ok 07:44:12.0052 2912 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 07:44:12.0056 2912 nv_agp - ok 07:44:12.0089 2912 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 07:44:12.0091 2912 ohci1394 - ok 07:44:12.0146 2912 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 07:44:12.0146 2912 Parport - ok 07:44:12.0197 2912 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 07:44:12.0200 2912 partmgr - ok 07:44:12.0254 2912 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 07:44:12.0259 2912 pci - ok 07:44:12.0309 2912 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 07:44:12.0311 2912 pciide - ok 07:44:12.0352 2912 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 07:44:12.0357 2912 pcmcia - ok 07:44:12.0381 2912 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 07:44:12.0384 2912 pcw - ok 07:44:12.0417 2912 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 07:44:12.0427 2912 PEAUTH - ok 07:44:12.0593 2912 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 07:44:12.0596 2912 PptpMiniport - ok 07:44:12.0632 2912 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 07:44:12.0633 2912 Processor - ok 07:44:12.0793 2912 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 07:44:12.0797 2912 Psched - ok 07:44:12.0933 2912 PSINAflt (54d6ff8e88be3a7685a9727222ce70ef) C:\Windows\system32\DRIVERS\PSINAflt.sys 07:44:12.0938 2912 PSINAflt - ok 07:44:13.0050 2912 PSINFile (2377f49c39725ed0021d75136fb0f746) C:\Windows\system32\DRIVERS\PSINFile.sys 07:44:13.0065 2912 PSINFile - ok 07:44:13.0200 2912 PSINKNC (2dd99f249699d69bb5fb455a405e724a) C:\Windows\system32\DRIVERS\psinknc.sys 07:44:13.0200 2912 PSINKNC - ok 07:44:13.0247 2912 PSINProc (f8d7465cdd2a4ecae761ba8a0577d151) C:\Windows\system32\DRIVERS\PSINProc.sys 07:44:13.0262 2912 PSINProc - ok 07:44:13.0309 2912 PSINProt (8ce7ccb7ba1e79d78d25cb964dd5393e) C:\Windows\system32\DRIVERS\PSINProt.sys 07:44:13.0312 2912 PSINProt - ok 07:44:13.0381 2912 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 07:44:13.0426 2912 ql2300 - ok 07:44:13.0531 2912 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 07:44:13.0535 2912 ql40xx - ok 07:44:13.0562 2912 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 07:44:13.0563 2912 QWAVEdrv - ok 07:44:13.0577 2912 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 07:44:13.0578 2912 RasAcd - ok 07:44:13.0632 2912 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 07:44:13.0633 2912 RasAgileVpn - ok 07:44:13.0697 2912 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 07:44:13.0702 2912 Rasl2tp - ok 07:44:13.0825 2912 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 07:44:13.0826 2912 RasPppoe - ok 07:44:13.0876 2912 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 07:44:13.0878 2912 RasSstp - ok 07:44:13.0929 2912 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 07:44:13.0947 2912 rdbss - ok 07:44:13.0969 2912 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 07:44:13.0970 2912 rdpbus - ok 07:44:14.0004 2912 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 07:44:14.0005 2912 RDPCDD - ok 07:44:14.0065 2912 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 07:44:14.0066 2912 RDPENCDD - ok 07:44:14.0083 2912 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 07:44:14.0084 2912 RDPREFMP - ok 07:44:14.0131 2912 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 07:44:14.0135 2912 RDPWD - ok 07:44:14.0177 2912 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 07:44:14.0182 2912 rdyboost - ok 07:44:14.0244 2912 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 07:44:14.0247 2912 rspndr - ok 07:44:14.0313 2912 s1018bus (301fba4594fb5c0a469299a65106b4aa) C:\Windows\system32\DRIVERS\s1018bus.sys 07:44:14.0316 2912 s1018bus - ok 07:44:14.0332 2912 s1018mdfl (d1d7c744f79710357e60fc04d125ed01) C:\Windows\system32\DRIVERS\s1018mdfl.sys 07:44:14.0347 2912 s1018mdfl - ok 07:44:14.0378 2912 s1018mdm (7dbe12cccd837d4266b2ddd80a329c09) C:\Windows\system32\DRIVERS\s1018mdm.sys 07:44:14.0378 2912 s1018mdm - ok 07:44:14.0452 2912 s1018mgmt (065ff5e62d2d18a6d93fd925546cd549) C:\Windows\system32\DRIVERS\s1018mgmt.sys 07:44:14.0457 2912 s1018mgmt - ok 07:44:14.0539 2912 s1018nd5 (5101d815bdf0d667e3d5f0ea727caaee) C:\Windows\system32\DRIVERS\s1018nd5.sys 07:44:14.0542 2912 s1018nd5 - ok 07:44:14.0603 2912 s1018obex (13f220c65b444ac9bda49dacfc3230bb) C:\Windows\system32\DRIVERS\s1018obex.sys 07:44:14.0607 2912 s1018obex - ok 07:44:14.0648 2912 s1018unic (ce7d8bce80211d8a35f6bd7a87791860) C:\Windows\system32\DRIVERS\s1018unic.sys 07:44:14.0652 2912 s1018unic - ok 07:44:14.0715 2912 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 07:44:14.0718 2912 sbp2port - ok 07:44:14.0789 2912 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 07:44:14.0790 2912 scfilter - ok 07:44:14.0851 2912 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 07:44:14.0852 2912 secdrv - ok 07:44:14.0968 2912 seehcri (ede7a1d2715aac2190d51dc07afd44e3) C:\Windows\system32\DRIVERS\seehcri.sys 07:44:14.0971 2912 seehcri - ok 07:44:15.0034 2912 Ser2pl (749502a6c51116a6229cf7536181907f) C:\Windows\system32\DRIVERS\ser2pl64.sys 07:44:15.0035 2912 Ser2pl - ok 07:44:15.0078 2912 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 07:44:15.0079 2912 Serenum - ok 07:44:15.0149 2912 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 07:44:15.0151 2912 Serial - ok 07:44:15.0212 2912 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 07:44:15.0213 2912 sermouse - ok 07:44:15.0263 2912 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 07:44:15.0264 2912 sffdisk - ok 07:44:15.0283 2912 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 07:44:15.0284 2912 sffp_mmc - ok 07:44:15.0300 2912 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 07:44:15.0301 2912 sffp_sd - ok 07:44:15.0337 2912 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 07:44:15.0338 2912 sfloppy - ok 07:44:15.0404 2912 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys 07:44:15.0406 2912 SiSGbeLH - ok 07:44:15.0432 2912 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 07:44:15.0432 2912 SiSRaid2 - ok 07:44:15.0478 2912 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 07:44:15.0478 2912 SiSRaid4 - ok 07:44:15.0494 2912 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 07:44:15.0510 2912 Smb - ok 07:44:15.0604 2912 SNP2UVC (1d8474722cdffbb8fca5fa12c50a05a2) C:\Windows\system32\DRIVERS\snp2uvc.sys 07:44:15.0666 2912 SNP2UVC - ok 07:44:15.0814 2912 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 07:44:15.0817 2912 spldr - ok 07:44:15.0881 2912 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 07:44:15.0902 2912 srv - ok 07:44:15.0968 2912 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 07:44:15.0987 2912 srv2 - ok 07:44:16.0038 2912 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 07:44:16.0053 2912 srvnet - ok 07:44:16.0107 2912 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 07:44:16.0110 2912 stexstor - ok 07:44:16.0162 2912 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 07:44:16.0164 2912 swenum - ok 07:44:16.0275 2912 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 07:44:16.0322 2912 Tcpip - ok 07:44:16.0397 2912 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 07:44:16.0409 2912 TCPIP6 - ok 07:44:16.0474 2912 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 07:44:16.0475 2912 tcpipreg - ok 07:44:16.0528 2912 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 07:44:16.0529 2912 TDPIPE - ok 07:44:16.0531 2912 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 07:44:16.0531 2912 TDTCP - ok 07:44:16.0594 2912 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 07:44:16.0594 2912 tdx - ok 07:44:16.0644 2912 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 07:44:16.0647 2912 TermDD - ok 07:44:16.0765 2912 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 07:44:16.0766 2912 tssecsrv - ok 07:44:16.0826 2912 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 07:44:16.0827 2912 TsUsbFlt - ok 07:44:16.0926 2912 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys 07:44:16.0930 2912 TuneUpUtilitiesDrv - ok 07:44:17.0053 2912 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 07:44:17.0059 2912 tunnel - ok 07:44:17.0088 2912 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 07:44:17.0091 2912 uagp35 - ok 07:44:17.0137 2912 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 07:44:17.0141 2912 udfs - ok 07:44:17.0206 2912 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 07:44:17.0209 2912 uliagpkx - ok 07:44:17.0257 2912 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 07:44:17.0258 2912 umbus - ok 07:44:17.0311 2912 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 07:44:17.0312 2912 UmPass - ok 07:44:17.0355 2912 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 07:44:17.0357 2912 usbccgp - ok 07:44:17.0403 2912 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 07:44:17.0405 2912 usbcir - ok 07:44:17.0425 2912 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 07:44:17.0427 2912 usbehci - ok 07:44:17.0481 2912 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys 07:44:17.0487 2912 usbhub - ok 07:44:17.0527 2912 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 07:44:17.0528 2912 usbohci - ok 07:44:17.0557 2912 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 07:44:17.0558 2912 usbprint - ok 07:44:17.0612 2912 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 07:44:17.0613 2912 usbscan - ok 07:44:17.0649 2912 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys 07:44:17.0664 2912 usbser - ok 07:44:17.0695 2912 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 07:44:17.0711 2912 USBSTOR - ok 07:44:17.0748 2912 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys 07:44:17.0749 2912 usbuhci - ok 07:44:17.0802 2912 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 07:44:17.0805 2912 usbvideo - ok 07:44:17.0849 2912 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 07:44:17.0851 2912 vdrvroot - ok 07:44:17.0888 2912 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 07:44:17.0889 2912 vga - ok 07:44:17.0911 2912 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 07:44:17.0912 2912 VgaSave - ok 07:44:17.0960 2912 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 07:44:17.0965 2912 vhdmp - ok 07:44:18.0084 2912 VIAHdAudAddService (fe595d1a1b781190bb483444b62cc607) C:\Windows\system32\drivers\viahduaa.sys 07:44:18.0114 2912 VIAHdAudAddService - ok 07:44:18.0154 2912 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 07:44:18.0156 2912 viaide - ok 07:44:18.0176 2912 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 07:44:18.0179 2912 volmgr - ok 07:44:18.0227 2912 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 07:44:18.0234 2912 volmgrx - ok 07:44:18.0261 2912 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 07:44:18.0268 2912 volsnap - ok 07:44:18.0307 2912 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 07:44:18.0312 2912 vsmraid - ok 07:44:18.0343 2912 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 07:44:18.0344 2912 vwifibus - ok 07:44:18.0368 2912 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 07:44:18.0369 2912 vwififlt - ok 07:44:18.0397 2912 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 07:44:18.0398 2912 vwifimp - ok 07:44:18.0429 2912 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 07:44:18.0430 2912 WacomPen - ok 07:44:18.0487 2912 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 07:44:18.0488 2912 WANARP - ok 07:44:18.0494 2912 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 07:44:18.0497 2912 Wanarpv6 - ok 07:44:18.0556 2912 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 07:44:18.0558 2912 Wd - ok 07:44:18.0595 2912 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 07:44:18.0606 2912 Wdf01000 - ok 07:44:18.0678 2912 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 07:44:18.0679 2912 WfpLwf - ok 07:44:18.0724 2912 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys 07:44:18.0738 2912 WimFltr - ok 07:44:18.0765 2912 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 07:44:18.0781 2912 WIMMount - ok 07:44:18.0947 2912 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 07:44:18.0949 2912 WinUsb - ok 07:44:19.0007 2912 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 07:44:19.0008 2912 WmiAcpi - ok 07:44:19.0139 2912 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 07:44:19.0140 2912 ws2ifsl - ok 07:44:19.0191 2912 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 07:44:19.0196 2912 WudfPf - ok 07:44:19.0229 2912 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 07:44:19.0233 2912 WUDFRd - ok 07:44:19.0301 2912 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 07:44:19.0398 2912 \Device\Harddisk0\DR0 - ok 07:44:19.0409 2912 Boot (0x1200) (1c5fc7e878c14b174ecad832ac6ab3ba) \Device\Harddisk0\DR0\Partition0 07:44:19.0411 2912 \Device\Harddisk0\DR0\Partition0 - ok 07:44:19.0432 2912 Boot (0x1200) (fce8fc7b48735ca883f59b339018a524) \Device\Harddisk0\DR0\Partition1 07:44:19.0434 2912 \Device\Harddisk0\DR0\Partition1 - ok 07:44:19.0434 2912 ============================================================ 07:44:19.0434 2912 Scan finished 07:44:19.0434 2912 ============================================================ 07:44:19.0446 4536 Detected object count: 0 07:44:19.0446 4536 Actual detected object count: 0 07:44:47.0645 4364 Deinitialize success Geändert von garfieldcb (27.12.2011 um 07:53 Uhr) |
|
27.12.2011, 09:11
| #6 |
| | Inernetseiten werden falsch angezeigt wenn das dir hilft hier ein bericht meines Panda Cloud Antivirus Programm Ereignis Datum/Zeit Status Weitere Details ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Verdächtige Datei erkannt 27.12.2011 09:08:06 Neutralisiert Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\E980\4FA6.exe Trojaner erkannt Trj/Cycbot.gen 27.12.2011 08:06:24 Gelöscht Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\9810\023.exe Verdächtige Datei erkannt 27.12.2011 07:35:40 Neutralisiert Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\0980\1F36.exe Verdächtige Datei erkannt 27.12.2011 07:35:29 Neutralisiert Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\0980\E496.exe Verdächtige Datei erkannt 27.12.2011 07:30:00 Neutralisiert Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\0980\F170.exe Verdächtige Datei erkannt 27.12.2011 07:29:50 Neutralisiert Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\F9A0\B67.exe Verdächtige Datei erkannt 27.12.2011 07:29:49 Neutralisiert Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\89E0\F7E.exe Verdächtige Datei erkannt 27.12.2011 07:29:47 Neutralisiert Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\0980\BD84.exe Trojaner erkannt Trj/CI.A 27.12.2011 07:29:41 Gelöscht Speicherort: C:\Users\enzo\AppData\Roaming\FE661\lvvm.exe Synchronisierung 26.12.2011 17:17:27 Synchronisiert. Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen. Synchronisierung 26.12.2011 16:37:20 Fehler. Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen. Synchronisierung 26.12.2011 16:17:20 Fehler. Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen. Synchronisierung 26.12.2011 15:57:20 Fehler. Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen. Synchronisierung 26.12.2011 15:37:20 Fehler. Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen. Synchronisierung 26.12.2011 15:17:20 Fehler. Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen. Synchronisierung 26.12.2011 14:58:32 Synchronisiert. Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen. Cookie erkannt Cookie/Doubleclick 26.12.2011 14:38:55 Gelöscht Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\Windows\Cookies\RSTFTQQT.txt Scan 26.12.2011 14:38:16 Gestartet Scanvorgang läuft: Gesamten Arbeitsplatz Computer geimpft 26.12.2011 14:37:32 Geimpft. Ihr Computer wurde geimpft. |
|
27.12.2011, 14:21
| #7 | ||
| /// Selecta Jahrusso | Inernetseiten werden falsch angezeigtZitat:
 Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!Downloade dir bitte Combofix von einem dieser Downloadspiegel Link 1 Link 2 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
Bitte poste in deiner nächsten Antwort Combofix.txt
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
27.12.2011, 22:08
| #8 |
| | Inernetseiten werden falsch angezeigt Combofix Logfile: Code:
ATTFilter ComboFix 11-12-27.01 - enzo 27.12.2011 20:44:35.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4061.3006 [GMT 1:00]
ausgeführt von:: c:\users\enzo\Desktop\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\LP
c:\programdata\SPL57B9.tmp
c:\programdata\SPL76C4.tmp
c:\programdata\SPL7703.tmp
c:\programdata\SPL7B27.tmp
c:\programdata\SPL89D7.tmp
c:\programdata\SPLC9F3.tmp
c:\programdata\SPLE06F.tmp
c:\programdata\SPLE0AE.tmp
c:\windows\ST6UNST.000
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-11-27 bis 2011-12-27 ))))))))))))))))))))))))))))))
.
.
2011-12-27 19:52 . 2011-12-27 19:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-26 13:38 . 2011-12-26 13:38 -------- d-----w- c:\users\enzo\AppData\Roaming\Panda Security
2011-12-26 13:37 . 2011-12-26 13:37 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
2011-12-26 13:37 . 2011-12-26 13:37 -------- d-----w- c:\users\enzo\AppData\Local\panda2_0dn
2011-12-26 13:37 . 2011-12-27 06:30 -------- d-----w- c:\programdata\Panda Security URL Filtering
2011-12-26 13:36 . 2011-12-26 13:37 -------- d-----w- c:\program files (x86)\Panda Security
2011-12-26 13:36 . 2011-12-26 13:36 -------- d-----w- c:\programdata\Panda Security
2011-12-26 13:36 . 2011-12-26 13:36 -------- d-----w- C:\temp
2011-12-26 11:14 . 2010-10-19 20:51 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-12-26 11:09 . 2011-12-26 11:09 -------- d-----w- c:\users\enzo\AppData\Local\Seven Zip
2011-12-25 21:16 . 2011-12-25 21:16 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2011-12-25 20:56 . 2011-12-25 20:56 -------- d-----w- c:\users\enzo\AppData\Roaming\AntiBrowserSpy 2009
2011-12-25 20:55 . 2011-12-25 21:03 -------- d-----w- c:\users\enzo\AppData\Local\Abelssoft
2011-12-25 18:16 . 2011-12-25 18:18 -------- d-----w- c:\users\enzo\AppData\Roaming\FreeFixer
2011-12-25 18:16 . 2011-12-25 18:16 -------- d-----w- c:\users\enzo\AppData\Local\FreeFixer
2011-12-25 18:16 . 2011-12-26 10:48 -------- d-----w- c:\program files\FreeFixer
2011-12-25 17:39 . 2011-12-25 17:39 -------- d-----w- c:\programdata\S.N.Safe&Software
2011-12-25 17:39 . 2011-12-25 17:39 -------- d-----w- c:\program files (x86)\SnS Soft
2011-12-25 13:57 . 2011-12-25 13:57 -------- d-----w- c:\users\enzo\AppData\Local\Ashampoo
2011-12-25 13:54 . 2011-12-14 11:23 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-12-25 13:54 . 2011-12-14 11:23 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-12-25 13:54 . 2011-12-14 11:23 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-12-25 13:54 . 2011-12-25 13:54 -------- d-----w- c:\users\enzo\AppData\Roaming\TuneUp Software
2011-12-25 13:54 . 2011-12-25 13:54 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2012
2011-12-25 13:53 . 2011-12-25 13:55 -------- d-----w- c:\programdata\TuneUp Software
2011-12-25 13:53 . 2011-12-25 13:53 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-24 11:26 . 2011-12-24 11:26 -------- d-----w- c:\users\enzo\AppData\Roaming\Sony Corporation
2011-12-24 11:26 . 2011-12-24 11:26 -------- d-----w- c:\users\enzo\AppData\Local\Sony
2011-12-24 11:25 . 2011-12-24 11:25 -------- d-----w- c:\users\enzo\Podcasts
2011-12-24 11:23 . 2011-12-24 11:23 -------- d-----w- c:\program files (x86)\Common Files\Sony Shared
2011-12-24 11:22 . 2011-12-24 11:22 -------- d-----w- c:\program files (x86)\TraXEx
2011-12-24 11:19 . 2011-12-24 11:23 -------- d-----w- c:\program files (x86)\Sony Media Go Install
2011-12-24 11:17 . 2011-12-24 11:25 -------- d-----w- c:\users\enzo\AppData\Roaming\Sony
2011-12-24 11:15 . 2011-12-26 11:09 -------- d-----w- c:\programdata\Sony Corporation
2011-12-24 11:15 . 2011-12-26 11:09 -------- d-----w- c:\program files (x86)\Sony
2011-12-22 23:42 . 2011-12-27 06:29 -------- d-----w- c:\users\enzo\AppData\Roaming\FE661
2011-12-22 23:41 . 2011-12-27 08:07 -------- d-----w- c:\users\enzo\AppData\Roaming\02BFE
2011-12-19 16:59 . 2011-12-26 10:42 -------- d-----w- c:\users\enzo\Tracing
2011-12-18 18:04 . 2011-12-25 17:08 -------- d-sh--r- c:\users\enzo\M-1-25-5432-6437-5685
2011-12-18 17:52 . 2011-12-18 17:59 -------- d-----w- c:\program files (x86)\MAGIX
2011-12-14 21:05 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 21:00 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 20:59 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 20:59 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-14 20:59 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 20:59 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-11-27 21:48 . 2011-11-27 21:48 -------- d-----w- c:\users\enzo\AppData\Local\MAGIX
2011-11-27 21:48 . 2011-11-27 21:48 -------- d-----w- c:\program files (x86)\Common Files\MAGIX Shared
2011-11-27 21:43 . 2011-12-18 17:59 -------- d-----w- c:\program files (x86)\Common Files\MAGIX Services
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-22 11:53 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-11-22 11:53 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-10-03 04:06 . 2010-09-26 09:10 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-09-29 16:29 . 2011-11-09 19:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2011-06-24 17:37 86696 ----a-w- c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2011-06-24 86696]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2011-06-29 217256]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe [2009-9-14 12862]
TraXEx PC-Putzer.lnk - c:\program files (x86)\TraXEx\TraXEx.exe [2011-12-24 4047184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-09-14 19:45 72248 ----a-w- c:\windows\AsScrProlog.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-09-14 19:45 3054136 ----a-w- c:\windows\AsScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-19 02:52 104936 ----a-w- c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 lxdpCATSCustConnectService;lxdpCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdpserv.exe [2009-04-28 29184]
R2 PRTGService;PRTG Service;c:\program files (x86)\PRTG Traffic Grapher\PRTG Traffic Grapher.exe [x]
R2 prtgwatchservice;PRTG Watchdog;c:\program files (x86)\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe [x]
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R4 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
R4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 FastBootAgent;FastBootAgent;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
S2 lxdp_device;lxdp_device;c:\windows\system32\lxdpcoms.exe [2009-08-19 1044648]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-12-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job
- c:\users\enzo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-22 20:16]
.
2011-12-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job
- c:\users\enzo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-22 20:16]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job
- c:\users\enzo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 15:49]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job
- c:\users\enzo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 15:49]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"lxdpmon.exe"="c:\program files (x86)\Lexmark Z2300 Series\lxdpmon.exe" [2009-09-14 672424]
"EzPrint"="c:\program files (x86)\Lexmark Z2300 Series\ezprint.exe" [2009-09-14 107176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://go.1und1.de/br/ie9_startpage
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:61071
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\enzo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{6C7C0C9A-B51D-4ADB-A74D-C4E33744F866} - c:\program files (x86)\TraXEx\Integration\TraXEx Internet Explorer.lnk
IE: {{8DA7743F-9274-4BE8-899E-C0FF6ED61B00} - c:\program files (x86)\TraXEx\Integration\TraXEx Löschautomat.lnk
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\enzo\AppData\Roaming\Mozilla\Firefox\Profiles\vz51ttxw.default\
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 61071
FF - prefs.js: network.proxy.type - 1
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: softonic-de3 Community Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - %profile%\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
FF - Ext: Free YouTube Download (Free Studio) Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-lxdpmon.exe - c:\program files (x86) (x86)\Lexmark Z2300 Series\lxdpmon.exe
Wow6432Node-HKLM-Run-EzPrint - c:\program files (x86) (x86)\Lexmark Z2300 Series\ezprint.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
Toolbar-Locked - (no file)
WebBrowser-{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
AddRemove-Glucofacts Deluxe Updater 2.0 - c:\windows\system32\javaws.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\SysWOW64\brsvc01a.exe
c:\windows\SysWOW64\brss01a.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\ASUS\ASUS Live Update\ALU.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-12-27 21:13:33 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-12-27 20:13
.
Vor Suchlauf: 13 Verzeichnis(se), 62.024.876.032 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 61.603.168.256 Bytes frei
.
- - End Of File - - F83A4FB20822CE9C752D0FAEE60F4535
|
|
27.12.2011, 22:15
| #9 |
| /// Selecta Jahrusso | Inernetseiten werden falsch angezeigt Nutzt du einen Proxy Server mit Firefox ?
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
27.12.2011, 22:53
| #10 |
| | Inernetseiten werden falsch angezeigt benutze google chrome proxy server ? weiss nicht ganz genau was du meinst |
|
27.12.2011, 23:39
| #11 |
| /// Selecta Jahrusso | Inernetseiten werden falsch angezeigt Hinweis für Mitleser: Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, dass kann andere Systeme nachhaltig schädigen! Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von einem der folgenden Download-Spiegel neu herunter: BleepingComputer.com - ForoSpyware.comund speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)! Drücke die  + R Taste --> Notepad (hinein schreiben) --> OKKopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument. Code:
ATTFilter FireFox::
FF - ProfilePath - c:\users\enzo\AppData\Roaming\Mozilla\Firefox\Profiles\vz51ttxw.default\
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 61071
FF - prefs.js: network.proxy.type - 1
ClearJavaCache::
DDS::
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:61071
Wichtig:
Bitte poste in deiner nächsten Antwort Combofix.txt Berichte ob die Umleitungen noch vorhanden sind
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
28.12.2011, 07:56
| #12 |
| | Inernetseiten werden falsch angezeigt Combofix Logfile: Code:
ATTFilter ComboFix 11-12-27.01 - enzo 27.12.2011 23:57:32.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4061.2625 [GMT 1:00]
ausgeführt von:: c:\users\enzo\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\enzo\Desktop\CFScript.txt
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-11-27 bis 2011-12-27 ))))))))))))))))))))))))))))))
.
.
2011-12-27 23:10 . 2011-12-27 23:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-27 23:10 . 2011-12-27 23:10 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-12-27 22:21 . 2011-12-27 22:21 -------- d-----w- c:\users\enzo\AppData\Local\panda2_0dn
2011-12-26 13:38 . 2011-12-26 13:38 -------- d-----w- c:\users\enzo\AppData\Roaming\Panda Security
2011-12-26 13:37 . 2011-12-26 13:37 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
2011-12-26 13:37 . 2011-12-27 22:21 -------- d-----w- c:\programdata\Panda Security URL Filtering
2011-12-26 13:36 . 2011-12-27 22:21 -------- d-----w- c:\program files (x86)\Panda Security
2011-12-26 13:36 . 2011-12-26 13:36 -------- d-----w- c:\programdata\Panda Security
2011-12-26 13:36 . 2011-12-26 13:36 -------- d-----w- C:\temp
2011-12-26 11:14 . 2010-10-19 20:51 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-12-26 11:09 . 2011-12-26 11:09 -------- d-----w- c:\users\enzo\AppData\Local\Seven Zip
2011-12-25 21:16 . 2011-12-25 21:16 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2011-12-25 20:56 . 2011-12-25 20:56 -------- d-----w- c:\users\enzo\AppData\Roaming\AntiBrowserSpy 2009
2011-12-25 20:55 . 2011-12-25 21:03 -------- d-----w- c:\users\enzo\AppData\Local\Abelssoft
2011-12-25 18:16 . 2011-12-25 18:18 -------- d-----w- c:\users\enzo\AppData\Roaming\FreeFixer
2011-12-25 18:16 . 2011-12-25 18:16 -------- d-----w- c:\users\enzo\AppData\Local\FreeFixer
2011-12-25 18:16 . 2011-12-26 10:48 -------- d-----w- c:\program files\FreeFixer
2011-12-25 17:39 . 2011-12-25 17:39 -------- d-----w- c:\programdata\S.N.Safe&Software
2011-12-25 17:39 . 2011-12-25 17:39 -------- d-----w- c:\program files (x86)\SnS Soft
2011-12-25 13:57 . 2011-12-25 13:57 -------- d-----w- c:\users\enzo\AppData\Local\Ashampoo
2011-12-25 13:54 . 2011-12-14 11:23 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-12-25 13:54 . 2011-12-14 11:23 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-12-25 13:54 . 2011-12-14 11:23 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-12-25 13:54 . 2011-12-25 13:54 -------- d-----w- c:\users\enzo\AppData\Roaming\TuneUp Software
2011-12-25 13:54 . 2011-12-25 13:54 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2012
2011-12-25 13:53 . 2011-12-25 13:55 -------- d-----w- c:\programdata\TuneUp Software
2011-12-25 13:53 . 2011-12-25 13:53 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-24 11:26 . 2011-12-24 11:26 -------- d-----w- c:\users\enzo\AppData\Roaming\Sony Corporation
2011-12-24 11:26 . 2011-12-24 11:26 -------- d-----w- c:\users\enzo\AppData\Local\Sony
2011-12-24 11:25 . 2011-12-24 11:25 -------- d-----w- c:\users\enzo\Podcasts
2011-12-24 11:23 . 2011-12-24 11:23 -------- d-----w- c:\program files (x86)\Common Files\Sony Shared
2011-12-24 11:22 . 2011-12-24 11:22 -------- d-----w- c:\program files (x86)\TraXEx
2011-12-24 11:19 . 2011-12-24 11:23 -------- d-----w- c:\program files (x86)\Sony Media Go Install
2011-12-24 11:17 . 2011-12-24 11:25 -------- d-----w- c:\users\enzo\AppData\Roaming\Sony
2011-12-24 11:15 . 2011-12-26 11:09 -------- d-----w- c:\programdata\Sony Corporation
2011-12-24 11:15 . 2011-12-26 11:09 -------- d-----w- c:\program files (x86)\Sony
2011-12-22 23:42 . 2011-12-27 06:29 -------- d-----w- c:\users\enzo\AppData\Roaming\FE661
2011-12-22 23:41 . 2011-12-27 08:07 -------- d-----w- c:\users\enzo\AppData\Roaming\02BFE
2011-12-19 16:59 . 2011-12-26 10:42 -------- d-----w- c:\users\enzo\Tracing
2011-12-18 18:04 . 2011-12-25 17:08 -------- d-sh--r- c:\users\enzo\M-1-25-5432-6437-5685
2011-12-18 17:52 . 2011-12-18 17:59 -------- d-----w- c:\program files (x86)\MAGIX
2011-12-14 21:05 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 21:00 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 20:59 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 20:59 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-14 20:59 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 20:59 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-22 11:53 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-11-22 11:53 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-10-03 04:06 . 2010-09-26 09:10 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-09-29 16:29 . 2011-11-09 19:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-27_20.10.11 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-12-27 19:34 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:11 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-12-27 19:34 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:11 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:11 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-12-27 19:34 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-14 19:49 . 2011-12-27 23:13 73670 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-12-27 23:13 42688 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-20 13:11 . 2011-12-27 23:13 19112 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2472717812-2426843061-1815285832-1000_UserData.bin
+ 2010-10-05 16:06 . 2011-12-27 21:03 9160 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2011-12-27 23:11 . 2011-12-27 23:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-27 19:53 . 2011-12-27 19:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-12-27 23:11 . 2011-12-27 23:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-12-27 19:53 . 2011-12-27 19:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-04-28 12:57 . 2011-04-28 12:57 128072 c:\windows\system32\drivers\PSINProt.sys
+ 2011-04-28 12:57 . 2011-04-28 12:57 121928 c:\windows\system32\drivers\PSINProc.sys
+ 2011-04-28 12:57 . 2011-04-28 12:57 149576 c:\windows\system32\drivers\PSINKNC.sys
+ 2011-04-28 12:57 . 2011-04-28 12:57 114760 c:\windows\system32\drivers\PSINFile.sys
+ 2011-07-05 11:12 . 2011-07-05 11:12 160520 c:\windows\system32\drivers\PSINAflt.sys
- 2009-07-14 05:01 . 2011-12-27 19:53 512420 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-12-27 23:10 512420 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-12-27 22:21 . 2011-12-27 22:21 339968 c:\windows\Installer\{50431EE1-C1CC-4AE7-BDE3-B60536E7BA92}\Shortcuts_ProductN_A17DF807A25C4F9396D48EA53C96348F.exe
+ 2011-01-14 17:06 . 2011-12-27 23:10 5819258 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-8192.dat
- 2011-01-14 17:06 . 2011-12-27 19:53 5819258 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-8192.dat
- 2011-11-27 22:51 . 2011-12-26 23:08 3197552 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-12288.dat
+ 2011-11-27 22:51 . 2011-12-27 23:10 3197552 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-12288.dat
+ 2011-07-14 10:58 . 2011-07-14 10:58 6374912 c:\windows\Installer\469d2f.msi
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2011-06-24 17:37 86696 ----a-w- c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2011-06-24 86696]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2011-06-29 217256]
"PSUNMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-04-28 439616]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe [2009-9-14 12862]
TraXEx PC-Putzer.lnk - c:\program files (x86)\TraXEx\TraXEx.exe [2011-12-24 4047184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-09-14 19:45 72248 ----a-w- c:\windows\AsScrProlog.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-09-14 19:45 3054136 ----a-w- c:\windows\AsScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-19 02:52 104936 ----a-w- c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 lxdpCATSCustConnectService;lxdpCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdpserv.exe [2009-04-28 29184]
R2 PRTGService;PRTG Service;c:\program files (x86)\PRTG Traffic Grapher\PRTG Traffic Grapher.exe [x]
R2 prtgwatchservice;PRTG Watchdog;c:\program files (x86)\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe [x]
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R4 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
R4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 FastBootAgent;FastBootAgent;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
S2 lxdp_device;lxdp_device;c:\windows\system32\lxdpcoms.exe [2009-08-19 1044648]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2011-04-28 140608]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [x]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-12-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job
- c:\users\enzo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-22 20:16]
.
2011-12-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job
- c:\users\enzo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-22 20:16]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job
- c:\users\enzo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 15:49]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job
- c:\users\enzo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 15:49]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"lxdpmon.exe"="c:\program files (x86)\Lexmark Z2300 Series\lxdpmon.exe" [2009-09-14 672424]
"EzPrint"="c:\program files (x86)\Lexmark Z2300 Series\ezprint.exe" [2009-09-14 107176]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://go.1und1.de/br/ie9_startpage
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\enzo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{6C7C0C9A-B51D-4ADB-A74D-C4E33744F866} - c:\program files (x86)\TraXEx\Integration\TraXEx Internet Explorer.lnk
IE: {{8DA7743F-9274-4BE8-899E-C0FF6ED61B00} - c:\program files (x86)\TraXEx\Integration\TraXEx Löschautomat.lnk
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\enzo\AppData\Roaming\Mozilla\Firefox\Profiles\vz51ttxw.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: softonic-de3 Community Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - %profile%\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
FF - Ext: Free YouTube Download (Free Studio) Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\SysWOW64\brsvc01a.exe
c:\windows\SysWOW64\brss01a.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-12-28 00:31:48 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-12-27 23:31
ComboFix2.txt 2011-12-27 20:13
.
Vor Suchlauf: 18 Verzeichnis(se), 61.351.301.120 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 61.193.187.328 Bytes frei
.
- - End Of File - - A75CCDCB1D7362C04D476A9AAED6DD8F
|
|
28.12.2011, 10:56
| #13 | |
| /// Selecta Jahrusso | Inernetseiten werden falsch angezeigtZitat:
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
28.12.2011, 12:38
| #14 |
| | Inernetseiten werden falsch angezeigt Hallo! bis jetzt hab ich keine umleitung mehr gehabt Combofix Logfile: Code:
ATTFilter ComboFix 11-12-27.01 - enzo 27.12.2011 23:57:32.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4061.2625 [GMT 1:00]
ausgeführt von:: c:\users\enzo\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\enzo\Desktop\CFScript.txt
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-11-27 bis 2011-12-27 ))))))))))))))))))))))))))))))
.
.
2011-12-27 23:10 . 2011-12-27 23:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-27 23:10 . 2011-12-27 23:10 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-12-27 22:21 . 2011-12-27 22:21 -------- d-----w- c:\users\enzo\AppData\Local\panda2_0dn
2011-12-26 13:38 . 2011-12-26 13:38 -------- d-----w- c:\users\enzo\AppData\Roaming\Panda Security
2011-12-26 13:37 . 2011-12-26 13:37 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
2011-12-26 13:37 . 2011-12-27 22:21 -------- d-----w- c:\programdata\Panda Security URL Filtering
2011-12-26 13:36 . 2011-12-27 22:21 -------- d-----w- c:\program files (x86)\Panda Security
2011-12-26 13:36 . 2011-12-26 13:36 -------- d-----w- c:\programdata\Panda Security
2011-12-26 13:36 . 2011-12-26 13:36 -------- d-----w- C:\temp
2011-12-26 11:14 . 2010-10-19 20:51 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-12-26 11:09 . 2011-12-26 11:09 -------- d-----w- c:\users\enzo\AppData\Local\Seven Zip
2011-12-25 21:16 . 2011-12-25 21:16 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2011-12-25 20:56 . 2011-12-25 20:56 -------- d-----w- c:\users\enzo\AppData\Roaming\AntiBrowserSpy 2009
2011-12-25 20:55 . 2011-12-25 21:03 -------- d-----w- c:\users\enzo\AppData\Local\Abelssoft
2011-12-25 18:16 . 2011-12-25 18:18 -------- d-----w- c:\users\enzo\AppData\Roaming\FreeFixer
2011-12-25 18:16 . 2011-12-25 18:16 -------- d-----w- c:\users\enzo\AppData\Local\FreeFixer
2011-12-25 18:16 . 2011-12-26 10:48 -------- d-----w- c:\program files\FreeFixer
2011-12-25 17:39 . 2011-12-25 17:39 -------- d-----w- c:\programdata\S.N.Safe&Software
2011-12-25 17:39 . 2011-12-25 17:39 -------- d-----w- c:\program files (x86)\SnS Soft
2011-12-25 13:57 . 2011-12-25 13:57 -------- d-----w- c:\users\enzo\AppData\Local\Ashampoo
2011-12-25 13:54 . 2011-12-14 11:23 34624 ----a-w- c:\windows\system32\TURegOpt.exe
2011-12-25 13:54 . 2011-12-14 11:23 25920 ----a-w- c:\windows\system32\authuitu.dll
2011-12-25 13:54 . 2011-12-14 11:23 21312 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-12-25 13:54 . 2011-12-25 13:54 -------- d-----w- c:\users\enzo\AppData\Roaming\TuneUp Software
2011-12-25 13:54 . 2011-12-25 13:54 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2012
2011-12-25 13:53 . 2011-12-25 13:55 -------- d-----w- c:\programdata\TuneUp Software
2011-12-25 13:53 . 2011-12-25 13:53 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-24 11:26 . 2011-12-24 11:26 -------- d-----w- c:\users\enzo\AppData\Roaming\Sony Corporation
2011-12-24 11:26 . 2011-12-24 11:26 -------- d-----w- c:\users\enzo\AppData\Local\Sony
2011-12-24 11:25 . 2011-12-24 11:25 -------- d-----w- c:\users\enzo\Podcasts
2011-12-24 11:23 . 2011-12-24 11:23 -------- d-----w- c:\program files (x86)\Common Files\Sony Shared
2011-12-24 11:22 . 2011-12-24 11:22 -------- d-----w- c:\program files (x86)\TraXEx
2011-12-24 11:19 . 2011-12-24 11:23 -------- d-----w- c:\program files (x86)\Sony Media Go Install
2011-12-24 11:17 . 2011-12-24 11:25 -------- d-----w- c:\users\enzo\AppData\Roaming\Sony
2011-12-24 11:15 . 2011-12-26 11:09 -------- d-----w- c:\programdata\Sony Corporation
2011-12-24 11:15 . 2011-12-26 11:09 -------- d-----w- c:\program files (x86)\Sony
2011-12-22 23:42 . 2011-12-27 06:29 -------- d-----w- c:\users\enzo\AppData\Roaming\FE661
2011-12-22 23:41 . 2011-12-27 08:07 -------- d-----w- c:\users\enzo\AppData\Roaming\02BFE
2011-12-19 16:59 . 2011-12-26 10:42 -------- d-----w- c:\users\enzo\Tracing
2011-12-18 18:04 . 2011-12-25 17:08 -------- d-sh--r- c:\users\enzo\M-1-25-5432-6437-5685
2011-12-18 17:52 . 2011-12-18 17:59 -------- d-----w- c:\program files (x86)\MAGIX
2011-12-14 21:05 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 21:00 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 20:59 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 20:59 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-14 20:59 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 20:59 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-22 11:53 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-11-22 11:53 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-10-03 04:06 . 2010-09-26 09:10 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-09-29 16:29 . 2011-11-09 19:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-27_20.10.11 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-12-27 19:34 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:11 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-12-27 19:34 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:11 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:11 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-12-27 19:34 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-14 19:49 . 2011-12-27 23:13 73670 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-12-27 23:13 42688 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-20 13:11 . 2011-12-27 23:13 19112 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2472717812-2426843061-1815285832-1000_UserData.bin
+ 2010-10-05 16:06 . 2011-12-27 21:03 9160 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2011-12-27 23:11 . 2011-12-27 23:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-27 19:53 . 2011-12-27 19:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-12-27 23:11 . 2011-12-27 23:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-12-27 19:53 . 2011-12-27 19:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-04-28 12:57 . 2011-04-28 12:57 128072 c:\windows\system32\drivers\PSINProt.sys
+ 2011-04-28 12:57 . 2011-04-28 12:57 121928 c:\windows\system32\drivers\PSINProc.sys
+ 2011-04-28 12:57 . 2011-04-28 12:57 149576 c:\windows\system32\drivers\PSINKNC.sys
+ 2011-04-28 12:57 . 2011-04-28 12:57 114760 c:\windows\system32\drivers\PSINFile.sys
+ 2011-07-05 11:12 . 2011-07-05 11:12 160520 c:\windows\system32\drivers\PSINAflt.sys
- 2009-07-14 05:01 . 2011-12-27 19:53 512420 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-12-27 23:10 512420 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-12-27 22:21 . 2011-12-27 22:21 339968 c:\windows\Installer\{50431EE1-C1CC-4AE7-BDE3-B60536E7BA92}\Shortcuts_ProductN_A17DF807A25C4F9396D48EA53C96348F.exe
+ 2011-01-14 17:06 . 2011-12-27 23:10 5819258 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-8192.dat
- 2011-01-14 17:06 . 2011-12-27 19:53 5819258 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-8192.dat
- 2011-11-27 22:51 . 2011-12-26 23:08 3197552 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-12288.dat
+ 2011-11-27 22:51 . 2011-12-27 23:10 3197552 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-12288.dat
+ 2011-07-14 10:58 . 2011-07-14 10:58 6374912 c:\windows\Installer\469d2f.msi
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2011-06-24 17:37 86696 ----a-w- c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2011-06-24 86696]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2011-06-29 217256]
"PSUNMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-04-28 439616]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe [2009-9-14 12862]
TraXEx PC-Putzer.lnk - c:\program files (x86)\TraXEx\TraXEx.exe [2011-12-24 4047184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-09-14 19:45 72248 ----a-w- c:\windows\AsScrProlog.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-09-14 19:45 3054136 ----a-w- c:\windows\AsScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-19 02:52 104936 ----a-w- c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 lxdpCATSCustConnectService;lxdpCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdpserv.exe [2009-04-28 29184]
R2 PRTGService;PRTG Service;c:\program files (x86)\PRTG Traffic Grapher\PRTG Traffic Grapher.exe [x]
R2 prtgwatchservice;PRTG Watchdog;c:\program files (x86)\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe [x]
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R4 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
R4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 FastBootAgent;FastBootAgent;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
S2 lxdp_device;lxdp_device;c:\windows\system32\lxdpcoms.exe [2009-08-19 1044648]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2011-04-28 140608]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [x]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-12-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job
- c:\users\enzo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-22 20:16]
.
2011-12-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job
- c:\users\enzo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-22 20:16]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job
- c:\users\enzo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 15:49]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job
- c:\users\enzo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 15:49]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"lxdpmon.exe"="c:\program files (x86)\Lexmark Z2300 Series\lxdpmon.exe" [2009-09-14 672424]
"EzPrint"="c:\program files (x86)\Lexmark Z2300 Series\ezprint.exe" [2009-09-14 107176]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://go.1und1.de/br/ie9_startpage
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\enzo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{6C7C0C9A-B51D-4ADB-A74D-C4E33744F866} - c:\program files (x86)\TraXEx\Integration\TraXEx Internet Explorer.lnk
IE: {{8DA7743F-9274-4BE8-899E-C0FF6ED61B00} - c:\program files (x86)\TraXEx\Integration\TraXEx Löschautomat.lnk
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\enzo\AppData\Roaming\Mozilla\Firefox\Profiles\vz51ttxw.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: softonic-de3 Community Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - %profile%\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
FF - Ext: Free YouTube Download (Free Studio) Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\SysWOW64\brsvc01a.exe
c:\windows\SysWOW64\brss01a.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-12-28 00:31:48 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-12-27 23:31
ComboFix2.txt 2011-12-27 20:13
.
Vor Suchlauf: 18 Verzeichnis(se), 61.351.301.120 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 61.193.187.328 Bytes frei
.
- - End Of File - - A75CCDCB1D7362C04D476A9AAED6DD8F
|
|
28.12.2011, 19:08
| #15 |
| /// Selecta Jahrusso | Inernetseiten werden falsch angezeigt Ich sehe das Du sogenannte Registry Cleaner am System hast. In deinem Fall TuneUp. Wir empfehlen auf keinen Fall jegliche Art von Registry Cleaner. Der Grund ist ganz einfach: Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich. Wir lesen oft genug von Hilfesuchenden, dass deren System nach der Nutzung von Registry Cleanern nicht mehr booted.
Zerstörst Du die Registry, zerstörst Du Windows. Ich empfehle Dir hiermit die oben genannte Software zu deinstallieren und in Zukunft auf solche Art von Software zu verzichten. Downloade Dir bitte Malwarebytes
ESET Online Scanner
Bitte poste in deiner nächsten Antwort MBAM Log Log.txt
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
| Themen zu Inernetseiten werden falsch angezeigt |
| angezeigt, ausprobiert, bräuchte, erfolg, erfolgreich, erklärt, falsch, gmer, google, hijack, links, lösen, problem, programme, programmen, seite, seiten, stehe, versuch, vorgehen, wirklich, öffnet |
Linear-Darstellung
