
Pests of all kinds and how to combat them: Websites are displayed incorrectly

Windows 7

26.12.2011, 17:07   #1
garfieldcb
 
Hello! I have the problem that when I use links, e.g. on Google, I am redirected to disreputable sites every time. Only on the second attempt does the page I actually selected open. I am constantly redirected to the site Fi..dates.com (the two ".." stand for "ck").

How should I proceed, and which programs should I run a scan with? I tried to solve the problem myself but had no success; now I need help and someone who can explain to me what I have to do. I have already read about the programs Gmer, Hijack, etc., but I do not know how to use them successfully.

Many thanks in advance

26.12.2011, 18:59   #2
Larusso
/// Selecta Jahrusso
 
Please read the following in full.
For everyone seeking help: what do I need to keep in mind before opening a thread

26.12.2011, 19:17   #3
garfieldcb
 
OTL Logfile:
OTL EXTRAS Logfile:
Code:
OTL logfile created on: 12/26/2011 7:10:32 PM - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\enzo\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.97 Gb Total Physical Memory | 1.75 Gb Available Physical Memory | 44.14% Memory free
7.93 Gb Paging File | 5.81 Gb Available in Paging File | 73.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.45 Gb Total Space | 59.50 Gb Free Space | 51.09% Space Free | Partition Type: NTFS
Drive D: | 101.79 Gb Total Space | 85.28 Gb Free Space | 83.78% Space Free | Partition Type: NTFS
 
Computer Name: ENZO-PC | User Name: enzo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/12/26 19:08:26 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\enzo\Downloads\OTL.exe
PRC - [2011/12/26 17:43:41 | 000,292,864 | ---- | M] () -- C:\Users\enzo\AppData\Roaming\Microsoft\F9A0\B67.exe
PRC - [2011/12/26 12:52:25 | 000,194,048 | ---- | M] () -- C:\Users\enzo\AppData\Roaming\FE661\lvvm.exe
PRC - [2011/12/26 12:51:52 | 000,177,152 | ---- | M] () -- C:\Users\enzo\AppData\Roaming\02BFE\BA3F9.exe
PRC - [2011/04/28 14:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
PRC - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2009/09/14 20:45:35 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/09/14 10:37:58 | 000,672,424 | ---- | M] () -- C:\Program Files (x86)\Lexmark Z2300 Series\lxdpmon.exe
PRC - [2009/09/14 10:37:58 | 000,107,176 | ---- | M] (Lexmark International Inc.) -- C:\Program Files (x86)\Lexmark Z2300 Series\ezprint.exe
PRC - [2009/07/24 18:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/07/24 01:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
PRC - [2009/07/23 01:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/07/21 23:00:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\Windows\SysWOW64\brss01a.exe
PRC - [2009/07/16 18:07:54 | 000,178,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/07/07 19:20:56 | 008,493,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/06/19 18:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 01:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
PRC - [2009/05/18 23:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/04/20 19:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2008/12/23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 05:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/14 04:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/07/19 03:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2007/08/08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2004/06/13 23:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) -- C:\Windows\SysWOW64\brsvc01a.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/12/26 17:43:41 | 000,292,864 | ---- | M] () -- C:\Users\enzo\AppData\Roaming\Microsoft\F9A0\B67.exe
MOD - [2011/12/26 12:52:25 | 000,194,048 | ---- | M] () -- C:\Users\enzo\AppData\Roaming\FE661\lvvm.exe
MOD - [2011/12/26 12:51:52 | 000,177,152 | ---- | M] () -- C:\Users\enzo\AppData\Roaming\02BFE\BA3F9.exe
MOD - [2011/12/25 22:33:19 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
MOD - [2011/12/25 22:31:34 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
MOD - [2011/12/25 22:30:57 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
MOD - [2011/12/25 22:30:35 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/12/25 22:24:06 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/12/25 22:23:51 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/12/07 12:16:28 | 000,411,192 | ---- | M] () -- C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
MOD - [2011/12/07 12:16:27 | 003,767,864 | ---- | M] () -- C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
MOD - [2011/12/07 12:14:56 | 000,122,952 | ---- | M] () -- C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\avutil-51.dll
MOD - [2011/12/07 12:14:55 | 000,222,280 | ---- | M] () -- C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\avformat-53.dll
MOD - [2011/12/07 12:14:53 | 001,746,504 | ---- | M] () -- C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\avcodec-53.dll
MOD - [2011/12/07 08:22:33 | 008,593,056 | ---- | M] () -- C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
MOD - [2011/12/07 08:22:33 | 008,593,056 | ---- | M] () -- C:\Users\enzo\AppData\Local\Google\Chrome\APPLIC~1\160912~1.63\gcswf32.dll
MOD - [2009/09/14 10:37:58 | 000,672,424 | ---- | M] () -- C:\Program Files (x86)\Lexmark Z2300 Series\lxdpmon.exe
MOD - [2009/07/24 18:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/07/23 01:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009/05/14 08:35:34 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Lexmark Z2300 Series\lxdpmonr.dll
MOD - [2008/08/28 00:32:36 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2008/06/09 17:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2007/08/08 16:55:30 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\Lexmark Z2300 Series\iptk.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/08/19 09:26:58 | 001,044,648 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdpcoms.exe -- (lxdp_device)
SRV:64bit: - [2009/04/28 08:58:54 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdpserv.exe -- (lxdpCATSCustConnectService)
SRV:64bit: - [2007/08/08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/12/14 12:23:34 | 002,123,584 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/06/29 14:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [Disabled | Stopped] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2011/05/24 10:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Unknown | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2011/04/26 13:54:12 | 002,702,848 | ---- | M] (MAGIX®) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2009/08/19 09:26:46 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxdpcoms.exe -- (lxdp_device)
SRV - [2009/07/24 01:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe -- (FastBootAgent)
SRV - [2009/06/16 01:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2004/06/13 23:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Running] -- C:\Windows\SysWOW64\brsvc01a.exe -- (Brother XP spl Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011/07/05 12:12:46 | 000,160,520 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINAflt.sys -- (PSINAFLT)
DRV:64bit: - [2011/04/28 13:57:43 | 000,128,072 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProt.sys -- (PSINPROT)
DRV:64bit: - [2011/04/28 13:57:43 | 000,121,928 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINProc.sys -- (PSINPROC)
DRV:64bit: - [2011/04/28 13:57:42 | 000,149,576 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PSINKNC.sys -- (PSINKNC)
DRV:64bit: - [2011/04/28 13:57:42 | 000,114,760 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PSINFile.sys -- (PSINFILE)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/10/15 21:53:08 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2010/10/15 21:52:46 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2010/10/15 21:52:46 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2010/08/25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/10/05 15:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/20 10:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 09:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/06/29 17:00:50 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2009/06/29 17:00:50 | 000,116,096 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake)
DRV:64bit: - [2009/06/18 20:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009/06/12 04:41:55 | 000,112,128 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/06/10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/09 05:38:23 | 000,055,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009/06/05 11:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/06/04 11:54:35 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/26 14:32:37 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/05/13 02:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/04/09 12:38:24 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009/03/25 16:48:00 | 000,153,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdm.sys -- (s1018mdm)
DRV:64bit: - [2009/03/25 16:48:00 | 000,146,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV:64bit: - [2009/03/25 16:48:00 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2009/03/25 16:48:00 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018obex.sys -- (s1018obex)
DRV:64bit: - [2009/03/25 16:48:00 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV:64bit: - [2009/03/25 16:48:00 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV:64bit: - [2009/03/25 16:48:00 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV:64bit: - [2008/12/08 16:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008/05/24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2008/05/01 20:25:51 | 000,084,288 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2008/05/01 20:25:51 | 000,068,800 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2007/07/31 19:04:48 | 000,090,112 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2007/07/24 19:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2011/12/12 19:31:38 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.1und1.de/br/ie9_startpage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.1und1.de/br/ie9_startpage
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:61071
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 61071
FF - prefs.js..network.proxy.type: 1
 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\enzo\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\enzo\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/03/25 16:35:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/12/26 12:10:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.16\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/12/09 10:04:26 | 000,000,000 | ---D | M]
 
[2010/12/31 14:04:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\enzo\AppData\Roaming\mozilla\Extensions
[2010/12/31 14:04:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\enzo\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/12/26 14:37:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\enzo\AppData\Roaming\mozilla\Firefox\Profiles\vz51ttxw.default\extensions
[2011/03/13 12:29:59 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\enzo\AppData\Roaming\mozilla\Firefox\Profiles\vz51ttxw.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/12/26 14:37:14 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Users\enzo\AppData\Roaming\mozilla\Firefox\Profiles\vz51ttxw.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[2011/01/14 19:07:11 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\enzo\AppData\Roaming\mozilla\Firefox\Profiles\vz51ttxw.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2011/01/14 19:07:10 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\enzo\AppData\Roaming\mozilla\Firefox\Profiles\vz51ttxw.default\extensions\engine@conduit.com
[2011/12/26 14:37:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\enzo\AppData\Roaming\mozilla\Firefox\Profiles\vz51ttxw.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\Setup\bin\PandaSecurityTb_2.0.0.9\$[56]\extensions
[2011/12/26 14:37:14 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Users\enzo\AppData\Roaming\mozilla\Firefox\Profiles\vz51ttxw.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\Setup\bin\PandaSecurityTb_2.0.0.9\$[56]\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[2011/12/26 12:15:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011/06/09 18:17:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/03 19:06:04 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/03/03 19:06:04 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/03/03 19:06:04 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/03/03 19:06:04 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\enzo\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\enzo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\enzo\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\enzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google-Suche = C:\Users\enzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Google Mail = C:\Users\enzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
 
O1 HOSTS File: ([2011/12/26 12:05:49 | 000,000,825 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Z2300 Series\ezprint.exe (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [lxdpmon.exe] C:\Program Files (x86)\Lexmark Z2300 Series\lxdpmon.exe ()
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [EzPrint] "C:\Program Files (x86) (x86)\Lexmark Z2300 Series\ezprint.exe" File not found
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [lxdpmon.exe] "C:\Program Files (x86) (x86)\Lexmark Z2300 Series\lxdpmon.exe" File not found
O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
O4 - HKLM..\Run: [PSUNMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [B67.exe] C:\Users\enzo\AppData\Roaming\Microsoft\F9A0\B67.exe ()
O4 - HKCU..\Run: [F7E.exe] C:\Users\enzo\AppData\Roaming\Microsoft\89E0\F7E.exe ()
F3:64bit: - HKCU WinNT: Load - (C:\Users\enzo\AppData\Roaming\FE661\lvvm.exe) - C:\Users\enzo\AppData\Roaming\FE661\lvvm.exe ()
F3 - HKCU WinNT: Load - (C:\Users\enzo\AppData\Roaming\FE661\lvvm.exe) -C:\Users\enzo\AppData\Roaming\FE661\lvvm.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\enzo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\enzo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: IE-Spuren löschen - {6C7C0C9A-B51D-4ADB-A74D-C4E33744F866} - C:\Program Files (x86)\TraXEx\Integration\TraXEx Internet Explorer.lnk ()
O9 - Extra Button: Löschautomat - {8DA7743F-9274-4BE8-899E-C0FF6ED61B00} - C:\Program Files (x86)\TraXEx\Integration\TraXEx Löschautomat.lnk ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{332535EA-4ECE-4ABB-BB2B-229849CC0810}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F9EFA5E-6344-42B2-9919-08FE22D5E752}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53373220-CA15-489E-8CF1-8BC4EFC94ACF}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{728AD324-36DB-4EE4-8F2C-6C01AA0DD002}: DhcpNameServer = 139.7.30.126 139.7.30.125
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\enzo\AppData\Roaming\02BFE\BA3F9.exe) -C:\Users\enzo\AppData\Roaming\02BFE\BA3F9.exe ()
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\alu.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\labelprint.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\olrsubmission.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\pccompanion.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\power2go.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\power2goexpress.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\alu.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\labelprint.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\olrsubmission.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\pccompanion.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\power2go.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\power2goexpress.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2012\TUAutoReactivator64.EXE (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{283a1d7c-72ae-11e0-a0c5-90e6ba3cc499}\Shell - "" = AutoRun
O33 - MountPoints2\{283a1d7c-72ae-11e0-a0c5-90e6ba3cc499}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{3646f6e4-9b3f-11e0-bd9c-bbb89a285f09}\Shell - "" = AutoRun
O33 - MountPoints2\{3646f6e4-9b3f-11e0-bd9c-bbb89a285f09}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{458fd1e2-c4b8-11df-a209-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{458fd1e2-c4b8-11df-a209-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{458fd35a-c4b8-11df-a209-90e6ba3cc499}\Shell - "" = AutoRun
O33 - MountPoints2\{458fd35a-c4b8-11df-a209-90e6ba3cc499}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{4da8062f-c662-11df-8804-90e6ba3cc499}\Shell - "" = AutoRun
O33 - MountPoints2\{4da8062f-c662-11df-8804-90e6ba3cc499}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{4da8064f-c662-11df-8804-001e101f57d0}\Shell - "" = AutoRun
O33 - MountPoints2\{4da8064f-c662-11df-8804-001e101f57d0}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{9fe0e331-18dd-11e1-be32-cd32392a5867}\Shell - "" = AutoRun
O33 - MountPoints2\{9fe0e331-18dd-11e1-be32-cd32392a5867}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.hta
O33 - MountPoints2\{c60c869f-a165-11de-a550-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c60c869f-a165-11de-a550-806e6f6e6963}\Shell\AutoRun\command - "" = E:\zdata\cobi.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/12/26 14:38:00 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\Panda Security
[2011/12/26 14:37:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2011/12/26 14:37:19 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\panda2_0dn
[2011/12/26 14:37:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security URL Filtering
[2011/12/26 14:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
[2011/12/26 14:36:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2011/12/26 14:36:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2011/12/26 14:36:13 | 000,000,000 | ---D | C] -- C:\temp
[2011/12/26 12:09:50 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\Seven Zip
[2011/12/26 12:05:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011/12/26 12:05:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/12/25 22:16:24 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2011/12/25 21:56:35 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\AntiBrowserSpy 2009
[2011/12/25 21:55:23 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\Abelssoft
[2011/12/25 19:16:32 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\FreeFixer
[2011/12/25 19:16:31 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\FreeFixer
[2011/12/25 19:16:24 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFixer
[2011/12/25 18:39:45 | 000,000,000 | ---D | C] -- C:\ProgramData\S.N.Safe&Software
[2011/12/25 18:39:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SnS Soft
[2011/12/25 14:57:59 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\Ashampoo
[2011/12/25 14:54:52 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011/12/25 14:54:52 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011/12/25 14:54:52 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011/12/25 14:54:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2011/12/25 14:54:36 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\TuneUp Software
[2011/12/25 14:54:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2012
[2011/12/25 14:53:30 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011/12/25 14:53:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2011/12/25 13:11:34 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/12/24 12:26:46 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\Sony Corporation
[2011/12/24 12:26:21 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\Sony
[2011/12/24 12:25:56 | 000,000,000 | ---D | C] -- C:\Users\enzo\Podcasts
[2011/12/24 12:25:56 | 000,000,000 | ---D | C] -- C:\Users\enzo\Documents\Media Go
[2011/12/24 12:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2011/12/24 12:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sony Shared
[2011/12/24 12:22:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TraXEx 3.3
[2011/12/24 12:22:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TraXEx
[2011/12/24 12:19:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Media Go Install
[2011/12/24 12:17:27 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\Sony
[2011/12/24 12:17:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WALKMAN Guide
[2011/12/24 12:15:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2011/12/24 12:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2011/12/23 17:47:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LP
[2011/12/23 00:42:16 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\FE661
[2011/12/23 00:41:41 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\02BFE
[2011/12/19 17:59:46 | 000,000,000 | ---D | C] -- C:\Users\enzo\Tracing
[2011/12/18 19:45:50 | 000,000,000 | ---D | C] -- C:\Users\enzo\Documents\MAGIX Downloads
[2011/12/18 19:45:50 | 000,000,000 | ---D | C] -- C:\Users\enzo\Documents\MAGIX
[2011/12/18 19:04:11 | 000,000,000 | RHSD | C] -- C:\Users\enzo\M-1-25-5432-6437-5685
[2011/12/18 18:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2011/12/18 18:52:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2011/11/27 23:36:19 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\MAGIX_AG
[2011/11/27 22:48:51 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\MAGIX
[2011/11/27 22:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Shared
[2011/11/27 22:43:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2011/11/27 19:48:47 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Roaming\MAGIX
[2011/11/27 19:48:41 | 000,000,000 | ---D | C] -- C:\Users\enzo\AppData\Local\Xara
[2011/11/27 19:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2011/11/27 19:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011/07/30 14:58:52 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdppmui.dll
[2011/07/30 14:58:52 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpinpa.dll
[2011/07/30 14:58:52 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpiesc.dll
[2011/07/30 14:58:51 | 001,101,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpserv.dll
[2011/07/30 14:58:51 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpcomc.dll
[2011/07/30 14:58:51 | 000,843,776 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpusb1.dll
[2011/07/30 14:58:51 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdphbn3.dll
[2011/07/30 14:58:51 | 000,594,600 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpcoms.exe
[2011/07/30 14:58:51 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdplmpm.dll
[2011/07/30 14:58:51 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpcomm.dll
[2011/07/30 14:58:51 | 000,365,224 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpcfg.exe
[2011/07/30 14:58:51 | 000,320,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpih.exe
[2011/07/30 14:58:51 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpprox.dll
[2008/08/12 05:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/12/26 19:07:49 | 000,000,000 | ---- | M] () -- C:\Users\enzo\defogger_reenable
[2011/12/26 18:20:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job
[2011/12/26 15:20:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job
[2011/12/26 14:37:03 | 000,000,276 | ---- | M] () -- C:\Windows\SysNative\PSUNCpl.dat
[2011/12/26 12:58:34 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/26 12:58:34 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/26 12:50:10 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job
[2011/12/26 12:50:10 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job
[2011/12/26 12:50:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/26 12:49:55 | 3193,765,888 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/26 12:21:02 | 000,376,574 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat
[2011/12/26 12:21:02 | 000,351,112 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2011/12/26 12:21:02 | 000,235,906 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat
[2011/12/26 12:21:02 | 000,050,480 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat
[2011/12/26 12:21:02 | 000,043,458 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2011/12/26 12:21:02 | 000,037,464 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat
[2011/12/26 12:21:02 | 000,006,592 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat
[2011/12/26 12:21:02 | 000,006,592 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2011/12/26 12:21:02 | 000,006,592 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2011/12/26 12:21:02 | 000,006,592 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2011/12/26 12:21:02 | 000,006,592 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2011/12/26 12:21:02 | 000,006,592 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/26 12:21:02 | 000,005,300 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat
[2011/12/26 12:21:02 | 000,005,300 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2011/12/26 12:21:02 | 000,005,300 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2011/12/26 12:21:02 | 000,005,300 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2011/12/26 12:21:02 | 000,005,300 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2011/12/26 12:21:02 | 000,005,300 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/26 12:07:18 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/12/26 12:05:56 | 000,002,314 | ---- | M] () -- C:\Users\enzo\Desktop\Google Chrome.lnk
[2011/12/26 12:05:07 | 004,934,902 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011/12/26 12:05:07 | 001,505,372 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011/12/26 12:05:07 | 001,265,808 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/25 22:16:24 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2011/12/25 19:43:55 | 001,237,312 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/25 13:07:38 | 000,566,032 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/24 12:22:34 | 000,001,121 | -H-- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TraXEx PC-Putzer.lnk
[2011/12/20 21:36:44 | 000,010,268 | ---- | M] () -- C:\Users\enzo\Documents\pvc.odt
[2011/12/18 20:35:17 | 000,196,608 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011/12/18 19:31:53 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Foto Premium MX (Starter).lnk
[2011/12/18 00:33:17 | 000,024,697 | ---- | M] () -- C:\Users\enzo\Documents\Hund.odt
[2011/12/17 23:23:13 | 000,007,609 | ---- | M] () -- C:\Users\enzo\AppData\Local\Resmon.ResmonCfg
[2011/12/14 22:20:27 | 000,012,690 | ---- | M] () -- C:\Users\enzo\Documents\Tierärzte.odt
[2011/12/14 12:23:40 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011/12/14 12:23:22 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011/12/14 12:23:22 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011/12/11 09:29:22 | 000,014,888 | ---- | M] () -- C:\Users\enzo\Documents\kaufvertrag Garten.odt
[2011/12/09 15:29:12 | 000,048,374 | ---- | M] () -- C:\Users\enzo\Documents\danny.odt
[2011/11/29 18:51:11 | 000,022,516 | ---- | M] () -- C:\Users\enzo\Documents\Bed Head.odt
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[8 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/12/26 19:07:49 | 000,000,000 | ---- | C] () -- C:\Users\enzo\defogger_reenable
[2011/12/26 14:37:03 | 000,000,276 | ---- | C] () -- C:\Windows\SysNative\PSUNCpl.dat
[2011/12/26 12:07:18 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/12/26 12:05:07 | 001,265,808 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/26 12:05:02 | 000,001,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/12/25 14:54:48 | 000,002,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2011/12/25 13:11:36 | 000,002,314 | ---- | C] () -- C:\Users\enzo\Desktop\Google Chrome.lnk
[2011/12/24 12:22:34 | 000,001,121 | -H-- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TraXEx PC-Putzer.lnk
[2011/12/20 21:36:42 | 000,010,268 | ---- | C] () -- C:\Users\enzo\Documents\pvc.odt
[2011/12/18 19:31:53 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Foto Premium MX (Starter).lnk
[2011/12/17 23:58:41 | 000,024,697 | ---- | C] () -- C:\Users\enzo\Documents\Hund.odt
[2011/12/17 23:23:13 | 000,007,609 | ---- | C] () -- C:\Users\enzo\AppData\Local\Resmon.ResmonCfg
[2011/12/14 22:20:25 | 000,012,690 | ---- | C] () -- C:\Users\enzo\Documents\Tierärzte.odt
[2011/12/09 15:29:10 | 000,048,374 | ---- | C] () -- C:\Users\enzo\Documents\danny.odt
[2011/12/08 11:44:59 | 000,014,888 | ---- | C] () -- C:\Users\enzo\Documents\kaufvertrag Garten.odt
[2011/07/30 14:58:52 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\LXDPinst.dll
[2011/07/30 14:58:52 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxdpcomx.dll
[2011/06/08 16:29:49 | 000,000,000 | ---- | C] () -- C:\Users\enzo\AppData\Local\SiDiary6W32.run
[2011/05/27 19:33:40 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini
[2011/05/27 19:33:39 | 000,000,521 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/05/27 19:33:39 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010/09/24 19:47:38 | 000,000,600 | ---- | C] () -- C:\Users\enzo\AppData\Roaming\winscp.rnd
[2010/09/20 14:35:09 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2010/08/25 19:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 19:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 19:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009/09/14 20:45:29 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/08/19 09:33:09 | 000,018,432 | ---- | C] () -- C:\Windows\OOBEPlayer.exe
[2009/08/19 09:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/29 06:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/03 02:40:27 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/08 18:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/05/22 16:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2007/04/27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
 
========== LOP Check ==========
 
[2011/12/26 14:32:05 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\02BFE
[2011/12/25 21:56:35 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\AntiBrowserSpy 2009
[2011/01/14 19:09:08 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\Battle Tanks
[2011/10/03 12:26:36 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/11/13 13:51:12 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\coupons
[2011/02/07 22:59:47 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2011/11/19 14:37:25 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\DVDVideoSoft
[2011/03/13 12:29:59 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/12/26 12:52:25 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\FE661
[2011/12/25 19:18:19 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\FreeFixer
[2010/09/24 19:54:14 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\Hunspell
[2011/12/20 10:33:15 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\MAGIX
[2011/10/04 02:35:47 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\Meine Traffic
[2011/07/03 16:37:45 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\NetSpeedMonitor
[2011/05/31 20:50:24 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\OpenOffice.org
[2011/12/26 14:38:00 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\Panda Security
[2011/12/24 12:25:54 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\Sony
[2011/10/03 12:24:38 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/12/31 14:04:11 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\Thunderbird
[2011/12/25 14:54:36 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\TuneUp Software
[2010/09/20 14:21:39 | 000,000,000 | ---D | M] -- C:\Users\enzo\AppData\Roaming\Vodafone
[2011/12/26 12:50:10 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job
[2011/12/26 12:50:10 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job
[2011/12/25 13:07:03 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< GMER 1.0.15.15641 - hxxp://www.gmer.net >
Invalid Switch: www.gmer.net

 
< Rootkit scan 2011-12-26 16:22:45 >
 
< Windows 6.1.7601 Service Pack 1  >
 
< Running: l8z7uzox.exe >
 
<  >
 
<  >
 
< ---- Registry - GMER 1.0.15 ---- >
 
<  >
 
< Reg  HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export       ?????{??????????? ???????????????????v????"?????p???????94??USB\VID_05E3&PID_0727&REV_0207?USB\VID_05E3&PID_0727????el???????????E???e??? n?????????????????????????? ??????????????s????????????????????????????????????????????????-???-???????-???????????????????f????????????$??????0??????????ROOT\*6TO4MP\0002????????y?????????d?????????.???????????????????????i???h???????????????????e???????g???????y???=??????ti??????#???nettun.inf??????? ??????????????????6to4mp.ndi??=1??? ???y???i?????ft????????????B???????-???????????????????z???n????????????`?????????????? ??????????????n???6.1.7600.16385??????? P???????????????????*?????? ????d|? ??? .?????????????????Microsoft-6zu4-Adapter???????????z??????????????????????????????????"???? ???????????????????-??????????`???????????{43E2E25F-5E57-4E46-9E89-5311F3AD5361}??????TCPIP6TUNNEL?Tcpip6?????\Device\{43E2E25F-5E57-4E46-9E89-5311F3AD5361}??0c??? ???????????????????6??????????<????????????? >
 
< ???z???????e????<??????f??????Microsoft-6zu4-Adaptertreiber???? ????????????? >
 
< Reg  HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export  ????BT??? ???????????????????????????????????????????????????????????????????????????????e???y??*6to4mp?????? ???????'????????????????x?????????????????? ?????????????????????0????????????????????????????????????????? ???????Z?????????????0??????????*?&???????????????????????????????e ???c??Microsoft?????&?????????????volume_install??4_??????os??t????????????????????????????????????t???????????????????????????7?????????t25??????????*6to4mp??%??? ???????????????????7??????????@volsnap.inf,%storage\volumesnapshot.devicedesc%;Standard-Volumeschattenkopie???@disk.inf,%disk_devdesc%;Laufwerk???4.50.3.8????????????? ??????????????????????????????????????????????????????????????????????Microsoft???Typ?81??? ??????????????????????????????????<?????????????????????????????????????????????????????N??????s????Ddis?????????????????s????LAN-Verbindung* 30???????????????? ??????T????????????J??????_??????????Netzwerkadresse??????????j???f??p????? >
 
< ???????i??????????????\\?\USBSTOR#CdRom&Ven_Vodafone&Prod_CD_ROM_(Huawei)&Rev >
 
< Reg  HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Export           ???i????????????????}"????8??i????????h??????T?U?i?[?s???i???????????????j??????????????????????t???system32\DRIVERS\mrxsmb20.sys?????????????N?????????????????????????????????volsnap?????disk????? ???????j?????i?????i???????????????????????\???????????v??????c%??? ???????i???????????j??????????N????????????????.???????e??volsnap????????????????????????????s?????i???????????z??????????P6???i??????s????????????0?????????????????????s????.NT??n???????i??????????????_m??@netrasa.inf,%msft%;Microsoft????i???????????????????????????????????????j?j????????????????????????????????????????????????x???FltMgr???????o?o?l??root\swenum??e????N??i????????D?????{71a27cdd-812a-11d0-bec7-08002be2092f}???????????????????????????????i??USB??e???i????????????????????N??????????????????????n???????i???????????????????i?????i?????????????????????????i???????????i?i?????????????????????????i??????????6.1.7600.16385???????i?i?????????????a??ar????8??i???v >
 
< ??es??Microsoft Composite Battery?0a???i?i0a???????????????????????i???4????? >
 
< Reg  HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Export      ???i?o???i??blbdrive.inf:MSFT.NTamd64:blbdrive_device:6.1.7600.16385:root\blbdrive?5:r???????????????????????i???????????????????????????????????????i???3???????????3???i?i?i???????????????3???????i??????????6.1.7600.16385??6.???i?i?i????????????????????,??i???e??????File as Volume Driver????i?i?i???????????3???????????i??????????blbdrive.inf?????i?i?i???????????3???????? ??i??????????blbdrive_device??3???i?i?i???????????3???????????i??????????.NT??3???i?i?i???????????3???3???????i???3??????root\blbdrive????i?i?i???????????3???????????i??????????Microsoft????i?i?i???????????????????????????????????i?i?i???????V???????e??LegacyDriver?3???????????????????????????.???2??????6-21-2006????????i??????s????i?i?i???????????i??????Volume??????*ntkern??????????????????????.???t???????????????g??????s????????i???b??sC??????????? ?????s????????????????????s???????s ???????????n??????nettun.inf????????N??????F????DY-E???i???????i???????????????? >
 
< ????h??k?????g???????? ????-?????s4C??LegacyDriver?2??LegacyDriver?5???????i? >
 
<  >
 
< ---- EOF - GMER 1.0.15 ---- >

< End of report >
         
--- --- ---

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 12/26/2011 7:10:32 PM - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\enzo\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.97 Gb Total Physical Memory | 1.75 Gb Available Physical Memory | 44.14% Memory free
7.93 Gb Paging File | 5.81 Gb Available in Paging File | 73.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.45 Gb Total Space | 59.50 Gb Free Space | 51.09% Space Free | Partition Type: NTFS
Drive D: | 101.79 Gb Total Space | 85.28 Gb Free Space | 83.78% Space Free | Partition Type: NTFS
 
Computer Name: ENZO-PC | User Name: enzo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AutoUpdateDisableNotify" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear Hybrid
"{3768263E-8BE8-4CEF-9463-6D36F731824B}" = Windows Live Family Safety
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{50431EE1-C1CC-4AE7-BDE3-B60536E7BA92}" = Panda Cloud Antivirus
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"Elantech" = ETDWare PS/2-x64 7.0.5.5_WHQL
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Lexmark Z2300 Series" = Lexmark Z2300 Series
"Microsoft Security Client" = Microsoft Security Essentials
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}" = Media Go
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5DEBDBF3-5AEC-4B61-B7FC-0C48CF62473C}" = MAGIX Foto Premium MX
"{60D6618B-153F-4353-8185-908E676E5888}" = ASUS FancyStart
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C96D3B-F9D2-4A0C-81F7-FBED6C75CE77}" = SiDiary 6
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-0120-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A16656CE-4B17-4484-A13F-22B9500E5223}" = Fast Boot
"{A4D58206-7E8F-41F2-BD94-85009F3AEA28}" = NWZ-E460 WALKMAN Guide
"{A94CA235-0C9B-475D-8018-50DDC0E3867C}" = MAGIX Foto & Grafik Designer 7
"{AFD37E69-EA05-367C-1855-182094DDC84E}" = myphotobook.de
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C38DAF06-0274-4C12-AE3A-AE1B4E75B8F4}" = MAGIX Speed burnR (MSI)
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.217
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FDC9D4AE-1A9C-4206-ACBF-3A073C6443DC}" = MAGIX Screenshare
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = myphotobook.de
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"MAGIX_MSI_Foto_Grafik_Designer_7_FPMX" = MAGIX Foto & Grafik Designer 7
"MAGIX_MSI_Foto_Premium_MX" = MAGIX Foto Premium MX
"MediaMonkey_is1" = MediaMonkey 3.2
"MeineTraffic" = Meine Traffic 2.20
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"Mozilla Thunderbird (3.1.16)" = Mozilla Thunderbird (3.1.16)
"Panda Cloud Antivirus" = Panda Cloud Antivirus
"Panda Security URL Filtering" = Panda Security URL Filtering
"pandasecuritytb" = Panda Security Toolbar
"ST6UNST #1" = Read Router Traffic
"Toolbar Cleaner" = Toolbar Cleaner 1.0
"TraXEx_is1" = TraXEx 3.3
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Uninstall_is1" = Uninstall 1.0.0.1
"VueScan" = VueScan
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Glucofacts Deluxe Updater 2.0" = Glucofacts Deluxe Updater 2.0
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 12/26/2011 7:14:25 AM | Computer Name = enzo-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
 "System Writer".  Details: AddLegacyDriverFiles: Unable to back up image of binary
 Spyware Terminator Driver Filter.  System Error: Das System kann die angegebene Datei
 nicht finden.  .
 
Error - 12/26/2011 7:20:25 AM | Computer Name = enzo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 12/26/2011 7:20:25 AM | Computer Name = enzo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 12/26/2011 7:21:02 AM | Computer Name = enzo-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 12/26/2011 7:24:24 AM | Computer Name = enzo-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description = 
 
Error - 12/26/2011 7:24:26 AM | Computer Name = enzo-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description = 
 
Error - 12/26/2011 8:23:27 AM | Computer Name = enzo-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description = 
 
Error - 12/26/2011 8:23:40 AM | Computer Name = enzo-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description = 
 
Error - 12/26/2011 12:26:03 PM | Computer Name = enzo-PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft
 security client\MSESysprep.dll". Fehler in Manifest- oder Richtliniendatei "c:\program
 files\microsoft security client\MSESysprep.dll" in Zeile 10.  Das imaging-Element
 wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^assembly-Elements
 angezeigt, das von dieser Windows-Version nicht unterstützt wird.
 
Error - 12/26/2011 12:29:26 PM | Computer Name = enzo-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\messenger\wlcsdk.exe".  Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
[ System Events ]
Error - 12/26/2011 7:50:17 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1060
 
Error - 12/26/2011 7:50:18 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist 
von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
 
Error - 12/26/2011 7:50:25 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 lxdpCATSCustConnectService erreicht.
 
Error - 12/26/2011 7:50:25 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxdpCATSCustConnectService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 12/26/2011 7:50:35 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig:
 BFE. Dieser Dienst ist eventuell nicht installiert.
 
Error - 12/26/2011 7:50:35 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "PRTG Service" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 12/26/2011 7:50:35 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "PRTG Watchdog" wurde aufgrund folgenden Fehlers nicht 
gestartet:   %%2
 
Error - 12/26/2011 7:50:35 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "Gemeinsame Nutzung der Internetverbindung" ist von folgendem
 Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
 
Error - 12/26/2011 7:51:27 AM | Computer Name = enzo-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 12/26/2011 9:37:02 AM | Computer Name = enzo-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "Panda Cloud Antivirus Service" ist als interaktiver Dienst
 gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste
 nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
 
< End of report >
         

27.12.2011, 00:12   #4
Larusso
/// Selecta Jahrusso

My name is Daniel and I will help you with your malware-related problems.

Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read through my instructions first. If anything is unclear, ask before you begin.
  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step requires the previous one.
  • If I do not receive a reply from you within the next 3 days, I will remove the thread from my subscriptions.
  • Only run scans that a helper has asked you to run, and do not install or uninstall any software unless asked to.
  • Post the log files directly in your thread and not as an attachment, unless you were asked to. That makes the analysis harder for me.


Vista and Win7 users
Start all tools with right-click "Run as administrator".

What did you copy into the Custom Scans/Fixes box, please?



Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe
    Vista and Win7 users: right-click and "Run as administrator"
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with No.
  • Click Scan
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons without instruction.

Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.



Please read the following instructions carefully. We do not want to "fix" anything here yet, only to see a scan report.

Please download TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and save the log file.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the content here in your thread.



Please post in your next reply
aswMBR.txt
TDSSKiller Log
__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie

27.12.2011, 07:47   #5
garfieldcb

Thank you for helping me!


aswMBR version 0.9.9.1120 Copyright(c) 2011 AVAST Software
Run date: 2011-12-27 07:41:23
-----------------------------
07:41:23.134 OS Version: Windows x64 6.1.7601 Service Pack 1
07:41:23.135 Number of processors: 2 586 0x170A
07:41:23.135 ComputerName: ENZO-PC UserName: enzo
07:41:25.022 Initialize success
07:41:51.181 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
07:41:51.186 Disk 0 Vendor: ST925031 0002 Size: 238475MB BusType: 3
07:41:51.198 Disk 0 MBR read successfully
07:41:51.202 Disk 0 MBR scan
07:41:51.205 Disk 0 Windows VISTA default MBR code
07:41:51.220 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 14997 MB offset 2048
07:41:51.239 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119240 MB offset 30715904
07:41:51.244 Disk 0 Partition - 00 0F Extended LBA 104234 MB offset 274920345
07:41:51.273 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 104234 MB offset 274920408
07:41:51.282 Service scanning
07:41:54.038 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
07:41:56.955 Modules scanning
07:41:56.961 Disk 0 trace - called modules:
07:41:56.968
07:41:56.978 Scan finished successfully
07:42:18.361 Disk 0 MBR has been saved successfully to "C:\Users\enzo\Downloads\MBR.dat"
07:42:18.375 The log file has been saved successfully to "C:\Users\enzo\Downloads\aswMBR.txt"


07:43:54.0811 3672 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
07:43:54.0956 3672 ============================================================
07:43:54.0956 3672 Current date / time: 2011/12/27 07:43:54.0956
07:43:54.0956 3672 SystemInfo:
07:43:54.0956 3672
07:43:54.0956 3672 OS Version: 6.1.7601 ServicePack: 1.0
07:43:54.0956 3672 Product type: Workstation
07:43:54.0956 3672 ComputerName: ENZO-PC
07:43:54.0956 3672 UserName: enzo
07:43:54.0956 3672 Windows directory: C:\Windows
07:43:54.0956 3672 System windows directory: C:\Windows
07:43:54.0956 3672 Running under WOW64
07:43:54.0957 3672 Processor architecture: Intel x64
07:43:54.0957 3672 Number of processors: 2
07:43:54.0957 3672 Page size: 0x1000
07:43:54.0957 3672 Boot type: Normal boot
07:43:54.0957 3672 ============================================================
07:43:55.0747 3672 Initialize success
07:44:00.0890 2912 ============================================================
07:44:00.0890 2912 Scan started
07:44:00.0890 2912 Mode: Manual;
07:44:00.0890 2912 ============================================================
07:44:01.0540 2912 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
07:44:01.0544 2912 1394ohci - ok
07:44:01.0607 2912 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
07:44:01.0613 2912 ACPI - ok
07:44:01.0727 2912 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
07:44:01.0728 2912 AcpiPmi - ok
07:44:01.0793 2912 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
07:44:01.0801 2912 adp94xx - ok
07:44:01.0897 2912 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
07:44:01.0904 2912 adpahci - ok
07:44:01.0957 2912 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
07:44:01.0961 2912 adpu320 - ok
07:44:02.0057 2912 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
07:44:02.0065 2912 AFD - ok
07:44:02.0130 2912 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
07:44:02.0145 2912 agp440 - ok
07:44:02.0279 2912 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
07:44:02.0284 2912 aliide - ok
07:44:02.0402 2912 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
07:44:02.0404 2912 amdide - ok
07:44:02.0466 2912 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
07:44:02.0467 2912 AmdK8 - ok
07:44:02.0491 2912 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
07:44:02.0492 2912 AmdPPM - ok
07:44:02.0553 2912 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
07:44:02.0556 2912 amdsata - ok
07:44:02.0607 2912 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
07:44:02.0611 2912 amdsbs - ok
07:44:02.0650 2912 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
07:44:02.0652 2912 amdxata - ok
07:44:02.0673 2912 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
07:44:02.0674 2912 AmUStor - ok
07:44:02.0727 2912 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
07:44:02.0728 2912 AppID - ok
07:44:02.0828 2912 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
07:44:02.0831 2912 arc - ok
07:44:02.0856 2912 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
07:44:02.0859 2912 arcsas - ok
07:44:02.0929 2912 ASMMAP64 (2db34edd17d3a8da7105a19c95a3dd68) C:\Program Files\ATKGFNEX\ASMMAP64.sys
07:44:02.0931 2912 ASMMAP64 - ok
07:44:03.0023 2912 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
07:44:03.0024 2912 AsyncMac - ok
07:44:03.0083 2912 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
07:44:03.0085 2912 atapi - ok
07:44:03.0165 2912 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
07:44:03.0199 2912 athr - ok
07:44:03.0360 2912 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
07:44:03.0368 2912 b06bdrv - ok
07:44:03.0433 2912 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
07:44:03.0438 2912 b57nd60a - ok
07:44:03.0519 2912 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
07:44:03.0520 2912 Beep - ok
07:44:03.0551 2912 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
07:44:03.0552 2912 blbdrive - ok
07:44:03.0604 2912 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
07:44:03.0616 2912 bowser - ok
07:44:03.0660 2912 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
07:44:03.0661 2912 BrFiltLo - ok
07:44:03.0677 2912 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
07:44:03.0678 2912 BrFiltUp - ok
07:44:03.0799 2912 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
07:44:03.0805 2912 Brserid - ok
07:44:03.0840 2912 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
07:44:03.0841 2912 BrSerWdm - ok
07:44:03.0859 2912 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
07:44:03.0860 2912 BrUsbMdm - ok
07:44:03.0981 2912 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
07:44:03.0981 2912 BrUsbSer - ok
07:44:04.0012 2912 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
07:44:04.0014 2912 BTHMODEM - ok
07:44:04.0062 2912 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
07:44:04.0073 2912 cdfs - ok
07:44:04.0140 2912 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
07:44:04.0143 2912 cdrom - ok
07:44:04.0266 2912 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
07:44:04.0267 2912 circlass - ok
07:44:04.0308 2912 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
07:44:04.0315 2912 CLFS - ok
07:44:04.0468 2912 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
07:44:04.0469 2912 CmBatt - ok
07:44:04.0513 2912 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
07:44:04.0515 2912 cmdide - ok
07:44:04.0616 2912 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
07:44:04.0624 2912 CNG - ok
07:44:19.0434 2912 ============================================================
07:44:19.0434 2912 Scan finished
07:44:19.0434 2912 ============================================================
07:44:19.0446 4536 Detected object count: 0
07:44:19.0446 4536 Actual detected object count: 0
07:44:47.0645 4364 Deinitialize success


Edited by garfieldcb (27.12.2011 at 07:53)

27.12.2011, 09:11   #6
garfieldcb

If it helps you, here is a report from my Panda Cloud Antivirus program:


Ereignis Datum/Zeit Status Weitere Details
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Verdächtige Datei erkannt 27.12.2011 09:08:06 Neutralisiert Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\E980\4FA6.exe

Trojaner erkannt Trj/Cycbot.gen 27.12.2011 08:06:24 Gelöscht Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\9810\023.exe

Verdächtige Datei erkannt 27.12.2011 07:35:40 Neutralisiert Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\0980\1F36.exe

Verdächtige Datei erkannt 27.12.2011 07:35:29 Neutralisiert Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\0980\E496.exe

Verdächtige Datei erkannt 27.12.2011 07:30:00 Neutralisiert Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\0980\F170.exe

Verdächtige Datei erkannt 27.12.2011 07:29:50 Neutralisiert Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\F9A0\B67.exe

Verdächtige Datei erkannt 27.12.2011 07:29:49 Neutralisiert Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\89E0\F7E.exe

Verdächtige Datei erkannt 27.12.2011 07:29:47 Neutralisiert Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\0980\BD84.exe

Trojaner erkannt Trj/CI.A 27.12.2011 07:29:41 Gelöscht Speicherort: C:\Users\enzo\AppData\Roaming\FE661\lvvm.exe

Synchronisierung 26.12.2011 17:17:27 Synchronisiert. Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung 26.12.2011 16:37:20 Fehler. Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung 26.12.2011 16:17:20 Fehler. Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung 26.12.2011 15:57:20 Fehler. Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung 26.12.2011 15:37:20 Fehler. Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung 26.12.2011 15:17:20 Fehler. Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung 26.12.2011 14:58:32 Synchronisiert. Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Cookie erkannt Cookie/Doubleclick 26.12.2011 14:38:55 Gelöscht Speicherort: C:\Users\enzo\AppData\Roaming\Microsoft\Windows\Cookies\RSTFTQQT.txt

Scan 26.12.2011 14:38:16 Gestartet Scanvorgang läuft: Gesamten Arbeitsplatz

Computer geimpft 26.12.2011 14:37:32 Geimpft. Ihr Computer wurde geimpft.

27.12.2011, 14:21   #7
Larusso
/// Selecta Jahrusso

Quote:
Only run scans that a helper has asked you to run


Combofix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Please download Combofix from one of these download mirrors

Link 1
Link 2


IMPORTANT - Save Combofix to your desktop
  • Please disable all your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.



Please post in your next reply
Combofix.txt
__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie

27.12.2011, 22:08   #8
garfieldcb

Combofix Logfile:
Code:
ComboFix 11-12-27.01 - enzo 27.12.2011  20:44:35.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4061.3006 [GMT 1:00]
ausgeführt von:: c:\users\enzo\Desktop\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\LP
c:\programdata\SPL57B9.tmp
c:\programdata\SPL76C4.tmp
c:\programdata\SPL7703.tmp
c:\programdata\SPL7B27.tmp
c:\programdata\SPL89D7.tmp
c:\programdata\SPLC9F3.tmp
c:\programdata\SPLE06F.tmp
c:\programdata\SPLE0AE.tmp
c:\windows\ST6UNST.000
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-11-27 bis 2011-12-27  ))))))))))))))))))))))))))))))
.
.
2011-12-27 19:52 . 2011-12-27 19:52	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-12-26 13:38 . 2011-12-26 13:38	--------	d-----w-	c:\users\enzo\AppData\Roaming\Panda Security
2011-12-26 13:37 . 2011-12-26 13:37	--------	d-----w-	c:\program files (x86)\Toolbar Cleaner
2011-12-26 13:37 . 2011-12-26 13:37	--------	d-----w-	c:\users\enzo\AppData\Local\panda2_0dn
2011-12-26 13:37 . 2011-12-27 06:30	--------	d-----w-	c:\programdata\Panda Security URL Filtering
2011-12-26 13:36 . 2011-12-26 13:37	--------	d-----w-	c:\program files (x86)\Panda Security
2011-12-26 13:36 . 2011-12-26 13:36	--------	d-----w-	c:\programdata\Panda Security
2011-12-26 13:36 . 2011-12-26 13:36	--------	d-----w-	C:\temp
2011-12-26 11:14 . 2010-10-19 20:51	270720	------w-	c:\windows\system32\MpSigStub.exe
2011-12-26 11:09 . 2011-12-26 11:09	--------	d-----w-	c:\users\enzo\AppData\Local\Seven Zip
2011-12-25 21:16 . 2011-12-25 21:16	51496	----a-w-	c:\windows\system32\drivers\stflt.sys
2011-12-25 20:56 . 2011-12-25 20:56	--------	d-----w-	c:\users\enzo\AppData\Roaming\AntiBrowserSpy 2009
2011-12-25 20:55 . 2011-12-25 21:03	--------	d-----w-	c:\users\enzo\AppData\Local\Abelssoft
2011-12-25 18:16 . 2011-12-25 18:18	--------	d-----w-	c:\users\enzo\AppData\Roaming\FreeFixer
2011-12-25 18:16 . 2011-12-25 18:16	--------	d-----w-	c:\users\enzo\AppData\Local\FreeFixer
2011-12-25 18:16 . 2011-12-26 10:48	--------	d-----w-	c:\program files\FreeFixer
2011-12-25 17:39 . 2011-12-25 17:39	--------	d-----w-	c:\programdata\S.N.Safe&Software
2011-12-25 17:39 . 2011-12-25 17:39	--------	d-----w-	c:\program files (x86)\SnS Soft
2011-12-25 13:57 . 2011-12-25 13:57	--------	d-----w-	c:\users\enzo\AppData\Local\Ashampoo
2011-12-25 13:54 . 2011-12-14 11:23	34624	----a-w-	c:\windows\system32\TURegOpt.exe
2011-12-25 13:54 . 2011-12-14 11:23	25920	----a-w-	c:\windows\system32\authuitu.dll
2011-12-25 13:54 . 2011-12-14 11:23	21312	----a-w-	c:\windows\SysWow64\authuitu.dll
2011-12-25 13:54 . 2011-12-25 13:54	--------	d-----w-	c:\users\enzo\AppData\Roaming\TuneUp Software
2011-12-25 13:54 . 2011-12-25 13:54	--------	d-----w-	c:\program files (x86)\TuneUp Utilities 2012
2011-12-25 13:53 . 2011-12-25 13:55	--------	d-----w-	c:\programdata\TuneUp Software
2011-12-25 13:53 . 2011-12-25 13:53	--------	d-sh--w-	c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-24 11:26 . 2011-12-24 11:26	--------	d-----w-	c:\users\enzo\AppData\Roaming\Sony Corporation
2011-12-24 11:26 . 2011-12-24 11:26	--------	d-----w-	c:\users\enzo\AppData\Local\Sony
2011-12-24 11:25 . 2011-12-24 11:25	--------	d-----w-	c:\users\enzo\Podcasts
2011-12-24 11:23 . 2011-12-24 11:23	--------	d-----w-	c:\program files (x86)\Common Files\Sony Shared
2011-12-24 11:22 . 2011-12-24 11:22	--------	d-----w-	c:\program files (x86)\TraXEx
2011-12-24 11:19 . 2011-12-24 11:23	--------	d-----w-	c:\program files (x86)\Sony Media Go Install
2011-12-24 11:17 . 2011-12-24 11:25	--------	d-----w-	c:\users\enzo\AppData\Roaming\Sony
2011-12-24 11:15 . 2011-12-26 11:09	--------	d-----w-	c:\programdata\Sony Corporation
2011-12-24 11:15 . 2011-12-26 11:09	--------	d-----w-	c:\program files (x86)\Sony
2011-12-22 23:42 . 2011-12-27 06:29	--------	d-----w-	c:\users\enzo\AppData\Roaming\FE661
2011-12-22 23:41 . 2011-12-27 08:07	--------	d-----w-	c:\users\enzo\AppData\Roaming\02BFE
2011-12-19 16:59 . 2011-12-26 10:42	--------	d-----w-	c:\users\enzo\Tracing
2011-12-18 18:04 . 2011-12-25 17:08	--------	d-sh--r-	c:\users\enzo\M-1-25-5432-6437-5685
2011-12-18 17:52 . 2011-12-18 17:59	--------	d-----w-	c:\program files (x86)\MAGIX
2011-12-14 21:05 . 2011-10-26 05:21	43520	----a-w-	c:\windows\system32\csrsrv.dll
2011-12-14 21:00 . 2011-11-24 04:52	3145216	----a-w-	c:\windows\system32\win32k.sys
2011-12-14 20:59 . 2011-10-15 06:31	723456	----a-w-	c:\windows\system32\EncDec.dll
2011-12-14 20:59 . 2011-10-15 05:38	534528	----a-w-	c:\windows\SysWow64\EncDec.dll
2011-12-14 20:59 . 2011-11-05 05:32	2048	----a-w-	c:\windows\system32\tzres.dll
2011-12-14 20:59 . 2011-11-05 04:26	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2011-11-27 21:48 . 2011-11-27 21:48	--------	d-----w-	c:\users\enzo\AppData\Local\MAGIX
2011-11-27 21:48 . 2011-11-27 21:48	--------	d-----w-	c:\program files (x86)\Common Files\MAGIX Shared
2011-11-27 21:43 . 2011-12-18 17:59	--------	d-----w-	c:\program files (x86)\Common Files\MAGIX Services
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-22 11:53 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2011-11-22 11:53 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2011-10-03 04:06 . 2010-09-26 09:10	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2011-09-29 16:29 . 2011-11-09 19:29	1923952	----a-w-	c:\windows\system32\drivers\tcpip.sys
2009-04-08 17:31 . 2009-04-08 17:31	106496	----a-w-	c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45	155648	----a-w-	c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2011-06-24 17:37	86696	----a-w-	c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2011-06-24 86696]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2011-06-29 217256]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe [2009-9-14 12862]
TraXEx PC-Putzer.lnk - c:\program files (x86)\TraXEx\TraXEx.exe [2011-12-24 4047184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-09-14 19:45	72248	----a-w-	c:\windows\AsScrProlog.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-09-14 19:45	3054136	----a-w-	c:\windows\AsScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-19 02:52	104936	----a-w-	c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 lxdpCATSCustConnectService;lxdpCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdpserv.exe [2009-04-28 29184]
R2 PRTGService;PRTG Service;c:\program files (x86)\PRTG Traffic Grapher\PRTG Traffic Grapher.exe [x]
R2 prtgwatchservice;PRTG Watchdog;c:\program files (x86)\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe [x]
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R4 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
R4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 FastBootAgent;FastBootAgent;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
S2 lxdp_device;lxdp_device;c:\windows\system32\lxdpcoms.exe [2009-08-19 1044648]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-12-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job
- c:\users\enzo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-22 20:16]
.
2011-12-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job
- c:\users\enzo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-22 20:16]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job
- c:\users\enzo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 15:49]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job
- c:\users\enzo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 15:49]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"lxdpmon.exe"="c:\program files (x86)\Lexmark Z2300 Series\lxdpmon.exe" [2009-09-14 672424]
"EzPrint"="c:\program files (x86)\Lexmark Z2300 Series\ezprint.exe" [2009-09-14 107176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://go.1und1.de/br/ie9_startpage
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:61071
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\enzo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{6C7C0C9A-B51D-4ADB-A74D-C4E33744F866} - c:\program files (x86)\TraXEx\Integration\TraXEx Internet Explorer.lnk
IE: {{8DA7743F-9274-4BE8-899E-C0FF6ED61B00} - c:\program files (x86)\TraXEx\Integration\TraXEx Löschautomat.lnk
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\enzo\AppData\Roaming\Mozilla\Firefox\Profiles\vz51ttxw.default\
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 61071
FF - prefs.js: network.proxy.type - 1
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: softonic-de3 Community Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - %profile%\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
FF - Ext: Free YouTube Download (Free Studio) Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-lxdpmon.exe - c:\program files (x86) (x86)\Lexmark Z2300 Series\lxdpmon.exe
Wow6432Node-HKLM-Run-EzPrint - c:\program files (x86) (x86)\Lexmark Z2300 Series\ezprint.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
Toolbar-Locked - (no file)
WebBrowser-{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
AddRemove-Glucofacts Deluxe Updater 2.0 - c:\windows\system32\javaws.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\SysWOW64\brsvc01a.exe
c:\windows\SysWOW64\brss01a.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\ASUS\ASUS Live Update\ALU.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-12-27  21:13:33 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-12-27 20:13
.
Vor Suchlauf: 13 Verzeichnis(se), 62.024.876.032 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 61.603.168.256 Bytes frei
.
- - End Of File - - F83A4FB20822CE9C752D0FAEE60F4535
         

27.12.2011, 22:15   #9
Larusso
/// Selecta Jahrusso

Do you use a proxy server with Firefox?
__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie

27.12.2011, 22:53   #10
garfieldcb

I use Google Chrome.

Proxy server? I'm not quite sure what you mean.

27.12.2011, 23:39   #11
Larusso
/// Selecta Jahrusso

Note for other readers:
The following ComboFix script was created exclusively for this user in this situation. Do not under any circumstances use it on other computers; it can cause lasting damage to other systems!

Delete the existing Combofix.exe from your desktop and download the program again from one of the following download mirrors:
BleepingComputer.com - ForoSpyware.com
and save it to the desktop again (nowhere else, this is important)!

Press the Windows key + R --> type Notepad --> OK

Now copy the entire text from the following code box into the empty text document.

Code:
FireFox::
FF - ProfilePath - c:\users\enzo\AppData\Roaming\Mozilla\Firefox\Profiles\vz51ttxw.default\
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 61071
FF - prefs.js: network.proxy.type - 1

ClearJavaCache::

DDS::
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:61071
         
Save this as CFScript.txt on your desktop.
Important:
  • Temporarily turn off your antivirus software. It can interfere with ComboFix while it works. Don't forget to turn it back on afterwards!
  • Do not move the mouse over the ComboFix window or click inside it. This can cause ComboFix to hang.
  • Close all running programs. Make sure that ComboFix can work unhindered.
  • Do not do anything on the PC while ComboFix is running.


  • As shown in the picture above, drag CFScript.txt onto ComboFix.exe
  • When ComboFix has finished, it will create a log, C:\ComboFix.txt. Please paste it here as a reply.
If the script contains the Suspect:: or Collect:: directive, a message box will appear after Combofix has finished. Click OK and follow the prompts/instructions to upload the files.



Please post in your next reply
Combofix.txt
Report whether the redirects still occur
__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie
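
The proxy entries that the helper picked out of the log and listed in the CFScript above (Internet Settings and Firefox both pointing at 127.0.0.1:61071) can be found mechanically. The following Python is an added example, not part of the thread or of ComboFix; the function names are hypothetical and the sample lines are copied from the log posted in this thread.

```python
import ipaddress
import re
from collections import namedtuple

# Sample input: lines copied from the "Zusätzlicher Suchlauf" section of the
# ComboFix log in this thread (the DHCP line shows an entry that is ignored).
SAMPLE_LOG = """\
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:61071
TCP: DhcpNameServer = 192.168.178.1
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 61071
FF - prefs.js: network.proxy.type - 1
"""

# active: True/False for Firefox, None where the log cannot tell us.
Finding = namedtuple("Finding", "source scheme host port active")

# The log prefixes the Internet Settings values with "u" (seen here) or "m".
IE_PROXY = re.compile(r"^[um]Internet Settings,ProxyServer\s*=\s*(.+)$")
FF_PREF = re.compile(r"^FF - prefs\.js:\s*network\.proxy\.(\w+)\s+-\s+(.*)$")
FF_KINDS = ("http", "ssl", "ftp", "socks")  # Firefox manual-proxy host prefs


def is_loopback(host):
    """True for localhost and any loopback IP literal (127.0.0.0/8, ::1)."""
    host = host.strip().strip("[]").lower()
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # some other hostname


def split_host_port(target):
    """Split 'host:port', '[v6]:port' or a bare host into (host, port|None)."""
    target = re.sub(r"^\w+://", "", target.strip())
    m = re.match(r"^(\[[^\]]+\]|[^:]+)(?::(\d+))?$", target)
    if not m:
        return target, None  # e.g. an unbracketed IPv6 literal
    return m.group(1), int(m.group(2)) if m.group(2) else None


def parse_ie_proxy(value):
    """Parse a ProxyServer value: 'host:port' or 'http=h:p;https=h:p'."""
    entries = []
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        scheme, sep, target = part.partition("=")
        if not sep:  # single proxy used for all protocols
            scheme, target = "all", part
        host, port = split_host_port(target)
        entries.append((scheme.strip().lower(), host, port))
    return entries


def find_loopback_proxies(log_text):
    """Return a Finding for every proxy setting that points at this machine."""
    findings, ff = [], {}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = IE_PROXY.match(line)
        if m:
            for scheme, host, port in parse_ie_proxy(m.group(1)):
                if is_loopback(host):
                    # ProxyServer only applies when ProxyEnable is 1; that
                    # value is not in the log, so "active" stays unknown.
                    findings.append(Finding("WinINET", scheme, host, port, None))
            continue
        m = FF_PREF.match(line)
        if m:
            ff[m.group(1)] = m.group(2).strip()
    # Firefox uses the host/port prefs only when network.proxy.type is 1
    # (manual proxy configuration).
    manual = ff.get("type") == "1"
    for kind in FF_KINDS:
        host = ff.get(kind, "")
        if host and is_loopback(host):
            port = ff.get(kind + "_port", "")
            findings.append(Finding("Firefox", kind, host,
                                    int(port) if port.isdigit() else None, manual))
    return findings


if __name__ == "__main__":
    for f in find_loopback_proxies(SAMPLE_LOG):
        print(f)
```

The WinINET value matters for a Chrome user as well, because Chrome on Windows uses the system proxy settings by default. A loopback proxy can also belong to a locally installed filter or security product, so a finding is a prompt to identify which process listens on that port.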

28.12.2011, 07:56   #12
garfieldcb

Combofix Logfile:
Code:
ComboFix 11-12-27.01 - enzo 27.12.2011  23:57:32.2.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4061.2625 [GMT 1:00]
ausgeführt von:: c:\users\enzo\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\enzo\Desktop\CFScript.txt
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-11-27 bis 2011-12-27  ))))))))))))))))))))))))))))))
.
.
2011-12-27 23:10 . 2011-12-27 23:10	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-12-27 23:10 . 2011-12-27 23:10	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2011-12-27 22:21 . 2011-12-27 22:21	--------	d-----w-	c:\users\enzo\AppData\Local\panda2_0dn
2011-12-26 13:38 . 2011-12-26 13:38	--------	d-----w-	c:\users\enzo\AppData\Roaming\Panda Security
2011-12-26 13:37 . 2011-12-26 13:37	--------	d-----w-	c:\program files (x86)\Toolbar Cleaner
2011-12-26 13:37 . 2011-12-27 22:21	--------	d-----w-	c:\programdata\Panda Security URL Filtering
2011-12-26 13:36 . 2011-12-27 22:21	--------	d-----w-	c:\program files (x86)\Panda Security
2011-12-26 13:36 . 2011-12-26 13:36	--------	d-----w-	c:\programdata\Panda Security
2011-12-26 13:36 . 2011-12-26 13:36	--------	d-----w-	C:\temp
2011-12-26 11:14 . 2010-10-19 20:51	270720	------w-	c:\windows\system32\MpSigStub.exe
2011-12-26 11:09 . 2011-12-26 11:09	--------	d-----w-	c:\users\enzo\AppData\Local\Seven Zip
2011-12-25 21:16 . 2011-12-25 21:16	51496	----a-w-	c:\windows\system32\drivers\stflt.sys
2011-12-25 20:56 . 2011-12-25 20:56	--------	d-----w-	c:\users\enzo\AppData\Roaming\AntiBrowserSpy 2009
2011-12-25 20:55 . 2011-12-25 21:03	--------	d-----w-	c:\users\enzo\AppData\Local\Abelssoft
2011-12-25 18:16 . 2011-12-25 18:18	--------	d-----w-	c:\users\enzo\AppData\Roaming\FreeFixer
2011-12-25 18:16 . 2011-12-25 18:16	--------	d-----w-	c:\users\enzo\AppData\Local\FreeFixer
2011-12-25 18:16 . 2011-12-26 10:48	--------	d-----w-	c:\program files\FreeFixer
2011-12-25 17:39 . 2011-12-25 17:39	--------	d-----w-	c:\programdata\S.N.Safe&Software
2011-12-25 17:39 . 2011-12-25 17:39	--------	d-----w-	c:\program files (x86)\SnS Soft
2011-12-25 13:57 . 2011-12-25 13:57	--------	d-----w-	c:\users\enzo\AppData\Local\Ashampoo
2011-12-25 13:54 . 2011-12-14 11:23	34624	----a-w-	c:\windows\system32\TURegOpt.exe
2011-12-25 13:54 . 2011-12-14 11:23	25920	----a-w-	c:\windows\system32\authuitu.dll
2011-12-25 13:54 . 2011-12-14 11:23	21312	----a-w-	c:\windows\SysWow64\authuitu.dll
2011-12-25 13:54 . 2011-12-25 13:54	--------	d-----w-	c:\users\enzo\AppData\Roaming\TuneUp Software
2011-12-25 13:54 . 2011-12-25 13:54	--------	d-----w-	c:\program files (x86)\TuneUp Utilities 2012
2011-12-25 13:53 . 2011-12-25 13:55	--------	d-----w-	c:\programdata\TuneUp Software
2011-12-25 13:53 . 2011-12-25 13:53	--------	d-sh--w-	c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-24 11:26 . 2011-12-24 11:26	--------	d-----w-	c:\users\enzo\AppData\Roaming\Sony Corporation
2011-12-24 11:26 . 2011-12-24 11:26	--------	d-----w-	c:\users\enzo\AppData\Local\Sony
2011-12-24 11:25 . 2011-12-24 11:25	--------	d-----w-	c:\users\enzo\Podcasts
2011-12-24 11:23 . 2011-12-24 11:23	--------	d-----w-	c:\program files (x86)\Common Files\Sony Shared
2011-12-24 11:22 . 2011-12-24 11:22	--------	d-----w-	c:\program files (x86)\TraXEx
2011-12-24 11:19 . 2011-12-24 11:23	--------	d-----w-	c:\program files (x86)\Sony Media Go Install
2011-12-24 11:17 . 2011-12-24 11:25	--------	d-----w-	c:\users\enzo\AppData\Roaming\Sony
2011-12-24 11:15 . 2011-12-26 11:09	--------	d-----w-	c:\programdata\Sony Corporation
2011-12-24 11:15 . 2011-12-26 11:09	--------	d-----w-	c:\program files (x86)\Sony
2011-12-22 23:42 . 2011-12-27 06:29	--------	d-----w-	c:\users\enzo\AppData\Roaming\FE661
2011-12-22 23:41 . 2011-12-27 08:07	--------	d-----w-	c:\users\enzo\AppData\Roaming\02BFE
2011-12-19 16:59 . 2011-12-26 10:42	--------	d-----w-	c:\users\enzo\Tracing
2011-12-18 18:04 . 2011-12-25 17:08	--------	d-sh--r-	c:\users\enzo\M-1-25-5432-6437-5685
2011-12-18 17:52 . 2011-12-18 17:59	--------	d-----w-	c:\program files (x86)\MAGIX
2011-12-14 21:05 . 2011-10-26 05:21	43520	----a-w-	c:\windows\system32\csrsrv.dll
2011-12-14 21:00 . 2011-11-24 04:52	3145216	----a-w-	c:\windows\system32\win32k.sys
2011-12-14 20:59 . 2011-10-15 06:31	723456	----a-w-	c:\windows\system32\EncDec.dll
2011-12-14 20:59 . 2011-10-15 05:38	534528	----a-w-	c:\windows\SysWow64\EncDec.dll
2011-12-14 20:59 . 2011-11-05 05:32	2048	----a-w-	c:\windows\system32\tzres.dll
2011-12-14 20:59 . 2011-11-05 04:26	2048	----a-w-	c:\windows\SysWow64\tzres.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-22 11:53 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2011-11-22 11:53 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2011-10-03 04:06 . 2010-09-26 09:10	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2011-09-29 16:29 . 2011-11-09 19:29	1923952	----a-w-	c:\windows\system32\drivers\tcpip.sys
2009-04-08 17:31 . 2009-04-08 17:31	106496	----a-w-	c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45	155648	----a-w-	c:\program files (x86)\Common Files\MSIactionall.dll
.
.
(((((((((((((((((((((((((((((   SnapShot@2011-12-27_20.10.11   )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-12-27 19:34	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:11	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-12-27 19:34	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:11	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:11	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-12-27 19:34	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-14 19:49 . 2011-12-27 23:13	73670              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-12-27 23:13	42688              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-20 13:11 . 2011-12-27 23:13	19112              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2472717812-2426843061-1815285832-1000_UserData.bin
+ 2010-10-05 16:06 . 2011-12-27 21:03	9160              c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2011-12-27 23:11 . 2011-12-27 23:11	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-27 19:53 . 2011-12-27 19:53	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-12-27 23:11 . 2011-12-27 23:11	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-12-27 19:53 . 2011-12-27 19:53	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-04-28 12:57 . 2011-04-28 12:57	128072              c:\windows\system32\drivers\PSINProt.sys
+ 2011-04-28 12:57 . 2011-04-28 12:57	121928              c:\windows\system32\drivers\PSINProc.sys
+ 2011-04-28 12:57 . 2011-04-28 12:57	149576              c:\windows\system32\drivers\PSINKNC.sys
+ 2011-04-28 12:57 . 2011-04-28 12:57	114760              c:\windows\system32\drivers\PSINFile.sys
+ 2011-07-05 11:12 . 2011-07-05 11:12	160520              c:\windows\system32\drivers\PSINAflt.sys
- 2009-07-14 05:01 . 2011-12-27 19:53	512420              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-12-27 23:10	512420              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-12-27 22:21 . 2011-12-27 22:21	339968              c:\windows\Installer\{50431EE1-C1CC-4AE7-BDE3-B60536E7BA92}\Shortcuts_ProductN_A17DF807A25C4F9396D48EA53C96348F.exe
+ 2011-01-14 17:06 . 2011-12-27 23:10	5819258              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-8192.dat
- 2011-01-14 17:06 . 2011-12-27 19:53	5819258              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-8192.dat
- 2011-11-27 22:51 . 2011-12-26 23:08	3197552              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-12288.dat
+ 2011-11-27 22:51 . 2011-12-27 23:10	3197552              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-12288.dat
+ 2011-07-14 10:58 . 2011-07-14 10:58	6374912              c:\windows\Installer\469d2f.msi
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2011-06-24 17:37	86696	----a-w-	c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2011-06-24 86696]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2011-06-29 217256]
"PSUNMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-04-28 439616]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe [2009-9-14 12862]
TraXEx PC-Putzer.lnk - c:\program files (x86)\TraXEx\TraXEx.exe [2011-12-24 4047184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-09-14 19:45	72248	----a-w-	c:\windows\AsScrProlog.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-09-14 19:45	3054136	----a-w-	c:\windows\AsScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-19 02:52	104936	----a-w-	c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 lxdpCATSCustConnectService;lxdpCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdpserv.exe [2009-04-28 29184]
R2 PRTGService;PRTG Service;c:\program files (x86)\PRTG Traffic Grapher\PRTG Traffic Grapher.exe [x]
R2 prtgwatchservice;PRTG Watchdog;c:\program files (x86)\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe [x]
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R4 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
R4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 FastBootAgent;FastBootAgent;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
S2 lxdp_device;lxdp_device;c:\windows\system32\lxdpcoms.exe [2009-08-19 1044648]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2011-04-28 140608]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [x]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-12-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job
- c:\users\enzo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-22 20:16]
.
2011-12-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job
- c:\users\enzo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-22 20:16]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job
- c:\users\enzo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 15:49]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job
- c:\users\enzo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 15:49]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"lxdpmon.exe"="c:\program files (x86)\Lexmark Z2300 Series\lxdpmon.exe" [2009-09-14 672424]
"EzPrint"="c:\program files (x86)\Lexmark Z2300 Series\ezprint.exe" [2009-09-14 107176]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://go.1und1.de/br/ie9_startpage
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\enzo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{6C7C0C9A-B51D-4ADB-A74D-C4E33744F866} - c:\program files (x86)\TraXEx\Integration\TraXEx Internet Explorer.lnk
IE: {{8DA7743F-9274-4BE8-899E-C0FF6ED61B00} - c:\program files (x86)\TraXEx\Integration\TraXEx Löschautomat.lnk
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\enzo\AppData\Roaming\Mozilla\Firefox\Profiles\vz51ttxw.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: softonic-de3 Community Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - %profile%\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
FF - Ext: Free YouTube Download (Free Studio) Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\SysWOW64\brsvc01a.exe
c:\windows\SysWOW64\brss01a.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-12-28  00:31:48 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-12-27 23:31
ComboFix2.txt  2011-12-27 20:13
.
Vor Suchlauf: 18 Verzeichnis(se), 61.351.301.120 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 61.193.187.328 Bytes frei
.
- - End Of File - - A75CCDCB1D7362C04D476A9AAED6DD8F
         

Alt 28.12.2011, 10:56   #13
Larusso
/// Selecta Jahrusso
 



Quote:
In your next reply, please post
Combofix.txt
Report whether the redirects are still present.
__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie

Alt 28.12.2011, 12:38   #14
garfieldcb
 



Hello!

So far I haven't had any more redirects.


ComboFix log file:
Code:
ATTFilter
ComboFix 11-12-27.01 - enzo 27.12.2011  23:57:32.2.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4061.2625 [GMT 1:00]
ausgeführt von:: c:\users\enzo\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\enzo\Desktop\CFScript.txt
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-11-27 bis 2011-12-27  ))))))))))))))))))))))))))))))
.
.
2011-12-27 23:10 . 2011-12-27 23:10	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-12-27 23:10 . 2011-12-27 23:10	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2011-12-27 22:21 . 2011-12-27 22:21	--------	d-----w-	c:\users\enzo\AppData\Local\panda2_0dn
2011-12-26 13:38 . 2011-12-26 13:38	--------	d-----w-	c:\users\enzo\AppData\Roaming\Panda Security
2011-12-26 13:37 . 2011-12-26 13:37	--------	d-----w-	c:\program files (x86)\Toolbar Cleaner
2011-12-26 13:37 . 2011-12-27 22:21	--------	d-----w-	c:\programdata\Panda Security URL Filtering
2011-12-26 13:36 . 2011-12-27 22:21	--------	d-----w-	c:\program files (x86)\Panda Security
2011-12-26 13:36 . 2011-12-26 13:36	--------	d-----w-	c:\programdata\Panda Security
2011-12-26 13:36 . 2011-12-26 13:36	--------	d-----w-	C:\temp
2011-12-26 11:14 . 2010-10-19 20:51	270720	------w-	c:\windows\system32\MpSigStub.exe
2011-12-26 11:09 . 2011-12-26 11:09	--------	d-----w-	c:\users\enzo\AppData\Local\Seven Zip
2011-12-25 21:16 . 2011-12-25 21:16	51496	----a-w-	c:\windows\system32\drivers\stflt.sys
2011-12-25 20:56 . 2011-12-25 20:56	--------	d-----w-	c:\users\enzo\AppData\Roaming\AntiBrowserSpy 2009
2011-12-25 20:55 . 2011-12-25 21:03	--------	d-----w-	c:\users\enzo\AppData\Local\Abelssoft
2011-12-25 18:16 . 2011-12-25 18:18	--------	d-----w-	c:\users\enzo\AppData\Roaming\FreeFixer
2011-12-25 18:16 . 2011-12-25 18:16	--------	d-----w-	c:\users\enzo\AppData\Local\FreeFixer
2011-12-25 18:16 . 2011-12-26 10:48	--------	d-----w-	c:\program files\FreeFixer
2011-12-25 17:39 . 2011-12-25 17:39	--------	d-----w-	c:\programdata\S.N.Safe&Software
2011-12-25 17:39 . 2011-12-25 17:39	--------	d-----w-	c:\program files (x86)\SnS Soft
2011-12-25 13:57 . 2011-12-25 13:57	--------	d-----w-	c:\users\enzo\AppData\Local\Ashampoo
2011-12-25 13:54 . 2011-12-14 11:23	34624	----a-w-	c:\windows\system32\TURegOpt.exe
2011-12-25 13:54 . 2011-12-14 11:23	25920	----a-w-	c:\windows\system32\authuitu.dll
2011-12-25 13:54 . 2011-12-14 11:23	21312	----a-w-	c:\windows\SysWow64\authuitu.dll
2011-12-25 13:54 . 2011-12-25 13:54	--------	d-----w-	c:\users\enzo\AppData\Roaming\TuneUp Software
2011-12-25 13:54 . 2011-12-25 13:54	--------	d-----w-	c:\program files (x86)\TuneUp Utilities 2012
2011-12-25 13:53 . 2011-12-25 13:55	--------	d-----w-	c:\programdata\TuneUp Software
2011-12-25 13:53 . 2011-12-25 13:53	--------	d-sh--w-	c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-12-24 11:26 . 2011-12-24 11:26	--------	d-----w-	c:\users\enzo\AppData\Roaming\Sony Corporation
2011-12-24 11:26 . 2011-12-24 11:26	--------	d-----w-	c:\users\enzo\AppData\Local\Sony
2011-12-24 11:25 . 2011-12-24 11:25	--------	d-----w-	c:\users\enzo\Podcasts
2011-12-24 11:23 . 2011-12-24 11:23	--------	d-----w-	c:\program files (x86)\Common Files\Sony Shared
2011-12-24 11:22 . 2011-12-24 11:22	--------	d-----w-	c:\program files (x86)\TraXEx
2011-12-24 11:19 . 2011-12-24 11:23	--------	d-----w-	c:\program files (x86)\Sony Media Go Install
2011-12-24 11:17 . 2011-12-24 11:25	--------	d-----w-	c:\users\enzo\AppData\Roaming\Sony
2011-12-24 11:15 . 2011-12-26 11:09	--------	d-----w-	c:\programdata\Sony Corporation
2011-12-24 11:15 . 2011-12-26 11:09	--------	d-----w-	c:\program files (x86)\Sony
2011-12-22 23:42 . 2011-12-27 06:29	--------	d-----w-	c:\users\enzo\AppData\Roaming\FE661
2011-12-22 23:41 . 2011-12-27 08:07	--------	d-----w-	c:\users\enzo\AppData\Roaming\02BFE
2011-12-19 16:59 . 2011-12-26 10:42	--------	d-----w-	c:\users\enzo\Tracing
2011-12-18 18:04 . 2011-12-25 17:08	--------	d-sh--r-	c:\users\enzo\M-1-25-5432-6437-5685
2011-12-18 17:52 . 2011-12-18 17:59	--------	d-----w-	c:\program files (x86)\MAGIX
2011-12-14 21:05 . 2011-10-26 05:21	43520	----a-w-	c:\windows\system32\csrsrv.dll
2011-12-14 21:00 . 2011-11-24 04:52	3145216	----a-w-	c:\windows\system32\win32k.sys
2011-12-14 20:59 . 2011-10-15 06:31	723456	----a-w-	c:\windows\system32\EncDec.dll
2011-12-14 20:59 . 2011-10-15 05:38	534528	----a-w-	c:\windows\SysWow64\EncDec.dll
2011-12-14 20:59 . 2011-11-05 05:32	2048	----a-w-	c:\windows\system32\tzres.dll
2011-12-14 20:59 . 2011-11-05 04:26	2048	----a-w-	c:\windows\SysWow64\tzres.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-22 11:53 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2011-11-22 11:53 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2011-10-03 04:06 . 2010-09-26 09:10	472808	----a-w-	c:\windows\SysWow64\deployJava1.dll
2011-09-29 16:29 . 2011-11-09 19:29	1923952	----a-w-	c:\windows\system32\drivers\tcpip.sys
2009-04-08 17:31 . 2009-04-08 17:31	106496	----a-w-	c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45	155648	----a-w-	c:\program files (x86)\Common Files\MSIactionall.dll
.
.
(((((((((((((((((((((((((((((   SnapShot@2011-12-27_20.10.11   )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-12-27 19:34	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:11	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-12-27 19:34	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:11	32768              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-27 23:11	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-12-27 19:34	16384              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-14 19:49 . 2011-12-27 23:13	73670              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-12-27 23:13	42688              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-20 13:11 . 2011-12-27 23:13	19112              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2472717812-2426843061-1815285832-1000_UserData.bin
+ 2010-10-05 16:06 . 2011-12-27 21:03	9160              c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2011-12-27 23:11 . 2011-12-27 23:11	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-27 19:53 . 2011-12-27 19:53	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-12-27 23:11 . 2011-12-27 23:11	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-12-27 19:53 . 2011-12-27 19:53	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-04-28 12:57 . 2011-04-28 12:57	128072              c:\windows\system32\drivers\PSINProt.sys
+ 2011-04-28 12:57 . 2011-04-28 12:57	121928              c:\windows\system32\drivers\PSINProc.sys
+ 2011-04-28 12:57 . 2011-04-28 12:57	149576              c:\windows\system32\drivers\PSINKNC.sys
+ 2011-04-28 12:57 . 2011-04-28 12:57	114760              c:\windows\system32\drivers\PSINFile.sys
+ 2011-07-05 11:12 . 2011-07-05 11:12	160520              c:\windows\system32\drivers\PSINAflt.sys
- 2009-07-14 05:01 . 2011-12-27 19:53	512420              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-12-27 23:10	512420              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-12-27 22:21 . 2011-12-27 22:21	339968              c:\windows\Installer\{50431EE1-C1CC-4AE7-BDE3-B60536E7BA92}\Shortcuts_ProductN_A17DF807A25C4F9396D48EA53C96348F.exe
+ 2011-01-14 17:06 . 2011-12-27 23:10	5819258              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-8192.dat
- 2011-01-14 17:06 . 2011-12-27 19:53	5819258              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-8192.dat
- 2011-11-27 22:51 . 2011-12-26 23:08	3197552              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-12288.dat
+ 2011-11-27 22:51 . 2011-12-27 23:10	3197552              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2472717812-2426843061-1815285832-1000-12288.dat
+ 2011-07-14 10:58 . 2011-07-14 10:58	6374912              c:\windows\Installer\469d2f.msi
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2011-06-24 17:37	86696	----a-w-	c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2011-06-24 86696]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2011-06-29 217256]
"PSUNMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-04-28 439616]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe [2009-9-14 12862]
TraXEx PC-Putzer.lnk - c:\program files (x86)\TraXEx\TraXEx.exe [2011-12-24 4047184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-09-14 19:45	72248	----a-w-	c:\windows\AsScrProlog.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-09-14 19:45	3054136	----a-w-	c:\windows\AsScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-19 02:52	104936	----a-w-	c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 lxdpCATSCustConnectService;lxdpCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdpserv.exe [2009-04-28 29184]
R2 PRTGService;PRTG Service;c:\program files (x86)\PRTG Traffic Grapher\PRTG Traffic Grapher.exe [x]
R2 prtgwatchservice;PRTG Watchdog;c:\program files (x86)\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe [x]
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
R4 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
R4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 FastBootAgent;FastBootAgent;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
S2 lxdp_device;lxdp_device;c:\windows\system32\lxdpcoms.exe [2009-08-19 1044648]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2011-04-28 140608]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [x]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [x]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [x]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-12-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job
- c:\users\enzo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-22 20:16]
.
2011-12-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job
- c:\users\enzo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-22 20:16]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000Core.job
- c:\users\enzo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 15:49]
.
2011-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2472717812-2426843061-1815285832-1000UA.job
- c:\users\enzo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 15:49]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 415256]
"lxdpmon.exe"="c:\program files (x86)\Lexmark Z2300 Series\lxdpmon.exe" [2009-09-14 672424]
"EzPrint"="c:\program files (x86)\Lexmark Z2300 Series\ezprint.exe" [2009-09-14 107176]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://go.1und1.de/br/ie9_startpage
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\enzo\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{6C7C0C9A-B51D-4ADB-A74D-C4E33744F866} - c:\program files (x86)\TraXEx\Integration\TraXEx Internet Explorer.lnk
IE: {{8DA7743F-9274-4BE8-899E-C0FF6ED61B00} - c:\program files (x86)\TraXEx\Integration\TraXEx Löschautomat.lnk
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\enzo\AppData\Roaming\Mozilla\Firefox\Profiles\vz51ttxw.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: softonic-de3 Community Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - %profile%\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
FF - Ext: Free YouTube Download (Free Studio) Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\SysWOW64\brsvc01a.exe
c:\windows\SysWOW64\brss01a.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-12-28  00:31:48 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-12-27 23:31
ComboFix2.txt  2011-12-27 20:13
.
Vor Suchlauf: 18 Verzeichnis(se), 61.351.301.120 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 61.193.187.328 Bytes frei
.
- - End Of File - - A75CCDCB1D7362C04D476A9AAED6DD8F
         
--- --- ---

28.12.2011, 19:08   #15
Larusso
/// Selecta Jahrusso



I see that you have a so-called registry cleaner on the system.
In your case, TuneUp.

We do not recommend any kind of registry cleaner under any circumstances.

The reason is quite simple:

The registry is the brain of the system. If the brain does not work, the rest no longer really works either.
We read often enough from people seeking help that their system no longer boots after using registry cleaners.
  • How is the cleaner supposed to know with 100% certainty whether an entry is needed or not?
  • It makes no difference at all whether a few orphaned registry entries are on the system or not.
  • The constantly advertised speed-up of the system is also only true to a limited extent. You would not notice it.
A so-called false positive from a cleaner can also make your system unbootable.
If you destroy the registry, you destroy Windows.

I hereby recommend that you uninstall the software named above and do without this kind of software in the future.



Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Start Malwarebytes, click Update --> Check for Updates
  • When the update has finished, select Perform quick scan and press Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all findings are checked and press Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report afterwards under "Logs".




ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





Please post in your next reply
MBAM Log
Log.txt
__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie
