Log analysis and evaluation: online.loginwinner (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
online.loginwinner

Hello everyone, I have had the problem named above for about a week. Once my computer has finished starting up, a website opens in Internet Explorer. In the address bar I read, among other things: Online.loginwinner etc. blah blah. Following instructions, I have now run a scan with OTL, and it spits out the following text, which I can't make sense of. Can someone please explain to me what state my computer is in and what needs to be done??? Many thanks!

OTL Logfile:
Code:
ATTFilter OTL logfile created on: 05.07.2013 20:30:31 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fujitsu\Downloads Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16614) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,98 Gb Total Physical Memory | 0,44 Gb Available Physical Memory | 22,17% Memory free 3,95 Gb Paging File | 1,73 Gb Available in Paging File | 43,88% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 465,76 Gb Total Space | 412,46 Gb Free Space | 88,56% Space Free | Partition Type: NTFS Drive D: | 232,79 Gb Total Space | 162,66 Gb Free Space | 69,88% Space Free | Partition Type: NTFS Drive E: | 602,17 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: FUJITSU-PC | User Name: Fujitsu | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Fujitsu\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) PRC - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) 
PRC - C:\Programme\Samsung\Kies\Kies.exe (Samsung) PRC - C:\Programme\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - c:\Programme\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) PRC - c:\Programme\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) PRC - C:\Programme\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.) PRC - C:\Programme\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) PRC - C:\Programme\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.) PRC - C:\Programme\BlueStacks\HD-SharedFolder.exe (BlueStack Systems) PRC - C:\Programme\BlueStacks\HD-BlockDevice.exe (BlueStack Systems) PRC - C:\Programme\BlueStacks\HD-Network.exe (BlueStack Systems) PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) PRC - c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation) PRC - C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) 
PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\cmd.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\2db8b91a7e8afbeb6ab9054b5106e76d\Kies.Theme.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\d57a64d4d9380a736795eee3558884ec\DummyStorePlugin.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\e9e3be409bcdf8a5ee93c2cb52fd8b16\DevicePodcast.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceStoryAlbum\21923f64b8f95a5739bc162861ef5031\DeviceStoryAlbum.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\3bf70c1b2360308f885dd42c485e1688\DevicePhoto.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\c6b101d79aa2301fc9bfa663b770d675\DeviceVideo.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\35c2064b31b185e0e383a7098f674d19\DeviceMusic.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\a949e391c3a1c0517f7bc8203177e4b7\VideoManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\03509c57343d15b04c3e500881468935\PhotoManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\001283ee4908fe306edc3bb7e51fe482\Phonebook.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\StoryAlbumManager\6951958877abfeca12ee544dcbc2baae\StoryAlbumManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\a3e9cc0d7c111e7d26e2a69f4f036cbe\MusicManager.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\477c7cbb61eceeef3a99224a1e01fe83\BATPlugin.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\75c7c575f6689e92dddebc4dec03936a\Kies.Common.StoreManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\98c215519de00140fecea93f7e87d760\Kies.Common.MediaDB.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\52207264bac5068c2de665b3f41e8964\ASF_cSharpAPI.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\b15c7177336990934904f2a4d00d21c6\Kies.Common.AllShare.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\568318788ecfc9987a25e22210bb3969\Kies.Common.DBManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\d24ae78193182f99851ab2358659e07b\Kies.Common.CRMManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\0f251eba2d65062006a708789162fe58\Podcaster.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3aa8d08a7455381a10b860f4e6f31688\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\df834c343e35a061038e47b4c90d2a76\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\a6bca8254ab5bfeeea96b9afab85f7b3\Kies.Common.DeviceServiceLib.FileService.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\2592fcf4d587518cb3115916e7806e00\Interop.DevFileServiceLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\31b845187a60f9a691fc1feabd776f7e\Kies.Common.DeviceService.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\334099e2ebfe8d3a68e3aa5dd1eb618a\DeviceCommonLib.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\0d0137de25181121dc788106727cb711\Kies.Plugin.ContentsManagerLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\aed0bb697deb98de0a5ee5de1ee4bb21\Kies.Common.MainUI.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\d7f78f8f871796b0ebbbc25b4156d684\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\18a5d637fa6a693d15ebaa6959e16dad\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\9be3616211decebc794481994113cdaf\Interop.PRPLAYERCORELib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\76f0bf746b24ffe5fd168acc4d021480\Kies.Common.Multimedia.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\908e33acf85416e9ab6f26266152f7ef\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\766a34ab34f3aa3646eb551a409ac168\Kies.Common.DeviceServiceLib.Interface.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\27d42c72dfd22ffa00ae47ea2b66dee0\DeviceHost.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\6e7badfd594eb3550f41f8b46150bb7d\Kies.Common.Util.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\fb132142a1e27a6d36ba83c77610dcc4\Kies.Locale.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\915089dd1e5527b679903f9e60185559\Interop.DeviceSearchLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\9832b22c236b2ad18c0f809d6164017b\Kies.UI.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\49730b0464662fd6abc7c48ae056dbcf\Kies.MVVM.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\f67e1afe33aa6c76e375dbd4fa132363\GongSolutions.Wpf.DragDrop.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\ab1583c63744f2b1823d4b7f5a1d29f1\Kies.Interface.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dbe82a95ee3feebc5999138fdf36d3c9\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\81f9e6e35aef6525350fd43c1aa39e81\Kies.ni.exe () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1f0bb5336d1706c9b8ad2330f3642760\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9b2940478ec555990b37af5448b8f509\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ddc3e8c2774eaec614d6775983652980\System.Configuration.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a1949f57d2ec260e09768e98fecb0559\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6ded1c6dbf61d19f839da66c951d8fa9\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\b2d389d76df5b2143fc6b3638c379dd4\HD-Agent.ni.exe () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ce6b7579fbb77330560e9122d1cf6526\System.Web.ni.dll () MOD - C:\Programme\Google\Chrome\Application\27.0.1453.116\ppgooglenaclpluginchrome.dll () MOD - C:\Programme\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll () MOD - C:\Programme\Google\Chrome\Application\27.0.1453.116\pdf.dll () MOD - C:\Programme\Google\Chrome\Application\27.0.1453.116\libglesv2.dll () MOD - C:\Programme\Google\Chrome\Application\27.0.1453.116\libegl.dll () MOD - C:\Programme\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\9bc3c10fc4e362243a5fdc1c660fc2ea\JSON.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (BstHdLogRotatorSvc) -- C:\Programme\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) SRV - (BstHdAndroidSvc) -- C:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.) SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (cphs) -- C:\Windows\System32\IntelCpHeciSvc.exe (Intel Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (MDM) -- C:\Programme\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (BstHdDrv) -- C:\Programme\BlueStacks\HD-Hypervisor-x86.sys (BlueStack Systems) DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV - (iaStorA) -- C:\Windows\System32\drivers\iaStorA.sys (Intel Corporation) DRV - (iaStorF) -- C:\Windows\System32\drivers\iaStorF.sys (Intel Corporation) DRV - (IntcDAud) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- 
C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (RTL8192su) -- C:\Windows\System32\drivers\RTL8192su.sys (Realtek Semiconductor Corporation ) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-1482170188-4151695629-2008753987-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ IE - HKU\S-1-5-21-1482170188-4151695629-2008753987-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1482170188-4151695629-2008753987-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-1482170188-4151695629-2008753987-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CF 50 34 4D 3F 53 CE 01 [binary data] IE - HKU\S-1-5-21-1482170188-4151695629-2008753987-1000\..\SearchScopes,DefaultScope = {C9410FED-F443-4133-9E16-30DA94A29D5E} IE - HKU\S-1-5-21-1482170188-4151695629-2008753987-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - 
HKU\S-1-5-21-1482170188-4151695629-2008753987-1000\..\SearchScopes\{C9410FED-F443-4133-9E16-30DA94A29D5E}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} IE - HKU\S-1-5-21-1482170188-4151695629-2008753987-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) 
========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - Extension: Google Docs = C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Google Mail = C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Groove GFS Browser Helper) - 
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [BlueStacks Agent] C:\Programme\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.) O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1482170188-4151695629-2008753987-1000..\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKU\S-1-5-21-1482170188-4151695629-2008753987-1000..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics) O4 - HKU\S-1-5-21-1482170188-4151695629-2008753987-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung) O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1482170188-4151695629-2008753987-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = 
C:\Programme\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) 
O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0447735D-B414-4DD3-BD13-0970384727CD}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13140994-023E-451F-93EE-3B72B228E1DD}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2003.01.17 22:32:20 | 000,000,000 | ---D | M] - E:\Autorun -- [ CDFS ] O32 - AutoRun File - [2003.01.13 22:01:56 | 001,101,824 | R--- | M] () - E:\Autorun.exe -- [ CDFS ] O32 - AutoRun File - [2003.01.13 09:28:00 | 000,002,012 | R--- | M] () - E:\autorun.csf -- [ CDFS ] O32 - AutoRun File - [2003.01.13 09:28:00 | 000,000,027 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{8def21cf-bf34-11e2-86b0-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{8def21cf-bf34-11e2-86b0-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2003.01.13 22:01:56 | 001,101,824 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.07.02 22:09:10 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\Documents\Command and Conquer Generals Data [2013.07.02 21:28:05 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\Documents\Samsung S3 [2013.07.02 21:18:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log [2013.07.02 21:18:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump [2013.07.02 21:18:08 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Local\Samsung [2013.07.02 21:18:06 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Roaming\Samsung [2013.07.02 21:17:52 | 000,000,000 | ---D | C] -- 
C:\Users\Fujitsu\Documents\samsung
[2013.07.02 21:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2013.07.02 21:13:41 | 000,000,000 | ---D | C] -- C:\Program Files\MyFree Codec
[2013.07.02 21:12:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2013.07.02 21:12:13 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll
[2013.07.02 21:12:01 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
[2013.07.02 21:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013.07.02 21:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2013.07.02 21:08:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.07.02 21:01:22 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\Documents\2gb sd datenrettung 02.07.2013
[2013.07.02 19:53:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
[2013.07.02 19:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\EA Games
[2013.07.01 18:26:47 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Roaming\GrabIt
[2013.07.01 18:25:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrabIt
[2013.07.01 18:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\GrabIt
[2013.07.01 18:16:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2013.06.21 17:38:18 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.06.21 17:38:14 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.06.21 17:38:14 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.06.21 17:38:13 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.06.16 16:34:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
[2013.06.16 16:34:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2013.06.14 00:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.06.14 00:31:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.06.14 00:30:46 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.06.14 00:30:46 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.06.14 00:30:24 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.06.14 00:27:09 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Roaming\OpenOffice.org
[2013.06.14 00:23:23 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013.06.14 00:22:21 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2013.06.14 00:21:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2013.06.14 00:15:52 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Local\Downloaded Installations
[2013.06.14 00:15:42 | 000,000,000 | ---D | C] -- C:\Users\Fujitsu\AppData\Roaming\DSite
[2013.06.14 00:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.06.12 16:16:26 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.06.12 16:16:25 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.06.12 16:14:23 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.06.12 16:14:23 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.06.12 16:14:22 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.06.12 16:14:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.06.12 16:14:21 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.06.12 16:14:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.06.12 16:14:21 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.06.12 16:14:21 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.06.12 15:39:49 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013.06.12 15:39:44 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
[2013.06.12 15:39:39 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013.06.12 15:39:38 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
[2013.06.12 15:39:35 | 003,968,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.06.12 15:39:35 | 003,913,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

========== Files - Modified Within 30 Days ==========

[2013.07.05 20:24:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.05 20:15:11 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013.07.05 20:15:10 | 000,000,005 | ---- | M] () -- C:\Users\Fujitsu\AppData\Roaming\WBPU-TTL.DAT
[2013.07.05 19:46:01 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.05 19:04:04 | 000,001,852 | ---- | M] () -- C:\Users\Fujitsu\Desktop\Command & Conquer Generals.lnk
[2013.07.05 18:54:46 | 000,657,074 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.07.05 18:54:46 | 000,618,686 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.07.05 18:54:46 | 000,131,522 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.07.05 18:54:46 | 000,107,674 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.07.05 18:53:22 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.05 18:53:22 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.05 18:47:38 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.05 18:47:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.05 18:47:13 | 1590,484,992 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.03 20:28:24 | 000,437,880 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.07.02 21:17:36 | 000,001,952 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.07.02 21:17:36 | 000,001,942 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013.07.02 20:12:23 | 000,000,613 | ---- | M] () -- C:\Windows\eReg.dat
[2013.07.01 18:25:12 | 000,000,941 | ---- | M] () -- C:\Users\Fujitsu\Desktop\GrabIt.lnk
[2013.06.25 15:35:20 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.06.21 16:47:35 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.06.16 16:34:43 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_point32_01011.Wdf
[2013.06.16 16:23:36 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_dc3d_01011.Wdf
[2013.06.14 21:48:42 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.06.14 21:48:42 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.06.14 00:45:21 | 000,303,104 | ---- | M] () -- C:\Users\Fujitsu\Documents\Datenbank1.accdb
[2013.06.14 00:33:20 | 000,002,440 | ---- | M] () -- C:\Users\Fujitsu\Documents\Testdatenbank.odb
[2013.06.14 00:27:23 | 000,001,197 | ---- | M] () -- C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013.06.14 00:23:23 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.06.12 21:48:23 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.06.12 21:48:17 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.06.12 21:48:00 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.06.12 21:43:48 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.06.12 21:43:44 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.06.12 21:43:25 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.06.08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.06.08 13:13:19 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

========== Files Created - No Company Name ==========

[2013.07.05 19:04:04 | 000,001,852 | ---- | C] () -- C:\Users\Fujitsu\Desktop\Command & Conquer Generals.lnk
[2013.07.02 21:17:36 | 000,001,952 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.07.02 21:17:36 | 000,001,942 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013.07.02 20:12:23 | 000,000,613 | ---- | C] () -- C:\Windows\eReg.dat
[2013.07.01 18:25:12 | 000,000,941 | ---- | C] () -- C:\Users\Fujitsu\Desktop\GrabIt.lnk
[2013.07.01 18:18:15 | 000,001,404 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2013.06.25 15:35:20 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.06.17 18:15:14 | 000,000,005 | ---- | C] () -- C:\Users\Fujitsu\AppData\Roaming\WBPU-TTL.DAT
[2013.06.16 16:34:43 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_point32_01011.Wdf
[2013.06.16 16:23:36 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_dc3d_01011.Wdf
[2013.06.14 21:48:45 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.14 00:41:28 | 000,303,104 | ---- | C] () -- C:\Users\Fujitsu\Documents\Datenbank1.accdb
[2013.06.14 00:28:06 | 000,002,440 | ---- | C] () -- C:\Users\Fujitsu\Documents\Testdatenbank.odb
[2013.06.14 00:27:23 | 000,001,197 | ---- | C] () -- C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013.06.14 00:23:23 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.06.14 00:15:43 | 000,000,294 | ---- | C] () -- C:\Windows\tasks\DSite.job
[2013.05.22 20:43:52 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013.05.22 20:43:48 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013.05.22 20:43:48 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013.05.22 20:43:48 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013.05.22 20:43:48 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2013.05.19 19:10:55 | 000,007,605 | ---- | C] () -- C:\Users\Fujitsu\AppData\Local\Resmon.ResmonCfg
[2013.05.18 21:49:42 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2013.05.18 21:48:07 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013.05.17 22:54:26 | 000,369,117 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012.12.14 02:02:20 | 000,064,512 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2012.12.14 02:02:20 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2012.12.14 02:02:20 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012.11.27 14:51:06 | 000,272,928 | ---- | C] () -- C:\Windows\System32\igvpkrng600.bin
[2012.11.27 14:51:02 | 000,963,452 | ---- | C] () -- C:\Windows\System32\igcodeckrng600.bin
[2012.11.27 14:51:00 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.05.19 19:13:22 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Alarmstufe Rot 3 Der Aufstand
[2013.06.01 17:52:48 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2013.06.14 00:15:42 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\DSite
[2013.07.01 18:26:52 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\GrabIt
[2013.06.14 00:27:09 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\OpenOffice.org
[2013.05.18 21:37:41 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Origin
[2013.07.02 21:18:06 | 000,000,000 | ---D | M] -- C:\Users\Fujitsu\AppData\Roaming\Samsung

========== Purity Check ==========

< End of report > |