Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Google Chrome geht nicht und ausgehende Aktionen erkannt

Google Chrome geht nicht und ausgehende Aktionen erkannt


Plagegeister aller Art und deren Bekämpfung: Google Chrome geht nicht und ausgehende Aktionen erkannt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 26.06.2011, 08:01   #1
Gekritzelt
 
Google Chrome geht nicht und ausgehende Aktionen erkannt - Standard

Google Chrome geht nicht und ausgehende Aktionen erkannt


Hallo,

Schritt 1: ich drehe hier noch am Rad. Seit kurzem geht Google Chrome nicht mehr richtig bzw. nur noch sporadisch. Ich dachte zuerst, das hat was mit "facemoods" zu tun, was sich wohl meine Freundin eingefangen hat, aber daran liegt es wohl nicht. Habe daraufhin HijackThis durchlaufen lassen und auch die stufen facemoods für gefährlich ein. Habe die Dateien gefixed aber das Problem bestand weiterhin.

Schritt 2: Dann habe ich Avast! runtergeladen und das System überprüfen lassen - Ergebnis: Absolut nichts gefunden.

ABER es kommt immer wieder eine Meldung von wegen URL:Mal : Datei windows/explorer.exe zu Facebook.com


Habe davor schon Facebook gesperrt, weil meine Freundin sich darauf immer irgendwas einfängt und ich bin mir sicher, dass es auch diesmal an Facebook liegt. Aber diesmal komme ich nicht weiter.


Schritt 3:Da Avast! nichts gefunden hat, habe ich Malwarebytes heruntergeladen, aktualisiert und einen vollständigen Scan gemacht. Hier wurden auch infizierte Dateien gefunden, aber wohl ehr harmlosere Sachen. Bis auf die WilliamHill Poker-Datei und Bingofun-Datei habe ich alles löschen lassen. Problem besteht aber noch weiterhin, wie nicht anders zu erwarten.

Seit ich MWB installiert habe, bekomme ich auch nahezu jede Minute ein InfoPopup, dass ein Zugang zu einer gefährlichen Seite gestoppt wurde. Datei: taskhost.exe

LogFile s.u.

Schritt 4:

Als nächstes und letztes habe ich OLT geladen und einen Quick Scan durchgeführt. Virenprogramme waren noch im Hintergrund am Laufen. Wusste nicht, wie ich Alvast! schließen soll.

Auch hier Log s.u.


LogFile MalwareBytes:

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6950

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

26.06.2011 05:44:55
mbam-log-2011-06-26 (05-44-55).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 274194
Laufzeit: 1 Stunde(n), 55 Minute(n), 47 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 4

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\William Hill Poker (PUP.Casino) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Invictus (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{089D51F0-49F9-B216-0ECE-983C6B0A3A3C} (Trojan.ZbotR.Gen) -> Value: {089D51F0-49F9-B216-0ECE-983C6B0A3A3C} -> Delete on reboot.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Recycle.Bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\Poker\william hill poker\_setuppoker_f066d_en.exe (PUP.Casino) -> Not selected for removal.
c:\Recycle.Bin\recycle.bin.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\testaccount\downloads\bingofunsetup.exe (PUP.AdGame) -> Not selected for removal.
c:\Users\testaccount\AppData\Roaming\Qyog\itvy.exe (Trojan.ZbotR.Gen) -> Quarantined and deleted successfully.

LogFile OLT

Code:
ATTFilter
OTL logfile created on: 6/26/2011 5:53:29 AM - Run 1
OTL by OldTimer - Version 3.2.24.1     Folder = C:\Users\TestAccount\Desktop
 Starter Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1014.43 Mb Total Physical Memory | 349.13 Mb Available Physical Memory | 34.42% Memory free
1.99 Gb Paging File | 0.60 Gb Available in Paging File | 30.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 66.97 Gb Total Space | 32.28 Gb Free Space | 48.20% Space Free | Partition Type: NTFS
Drive D: | 66.98 Gb Total Space | 50.95 Gb Free Space | 76.07% Space Free | Partition Type: NTFS
 
Computer Name: TESTACCOUNT-PC | User Name: TestAccount | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/06/26 05:49:41 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\TestAccount\Desktop\OTL.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/05/10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/02/15 03:32:52 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/06/24 22:32:44 | 001,193,848 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/06/24 22:32:44 | 001,155,256 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~1\mcafee\msc\mcupdmgr.exe
PRC - [2010/06/24 22:32:44 | 000,746,352 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
PRC - [2010/05/31 20:32:58 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2010/05/31 20:32:58 | 000,170,144 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2010/05/31 20:32:58 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
PRC - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2010/01/19 11:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
PRC - [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/08 01:47:52 | 000,832,512 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2009/09/07 12:42:04 | 000,093,184 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2009/08/23 06:47:34 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009/08/13 22:58:10 | 000,044,312 | ---- | M] () -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
PRC - [2009/08/11 17:09:52 | 002,360,608 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
PRC - [2009/08/11 17:09:52 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009/08/11 17:09:52 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/01/23 03:46:14 | 000,203,280 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/06/26 05:49:41 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\TestAccount\Desktop\OTL.exe
MOD - [2011/05/10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009/01/23 03:46:18 | 000,013,840 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\saHook.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/05/10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/05/31 20:32:58 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/05/31 20:32:58 | 000,170,144 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2010/05/31 20:32:58 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/04/15 09:45:10 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2009/08/13 22:58:10 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/08/11 17:09:52 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009/06/15 11:10:00 | 000,282,624 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\System32\yk62x86.dll -- (yksvc)
SRV - [2009/01/23 03:46:14 | 000,203,280 | ---- | M] () [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/05/10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 13:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/05/10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/07/18 15:17:18 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/05/31 20:32:58 | 000,385,880 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/05/31 20:32:58 | 000,312,616 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/05/31 20:32:58 | 000,160,720 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2010/05/31 20:32:58 | 000,152,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/05/31 20:32:58 | 000,095,568 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/05/31 20:32:58 | 000,083,496 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/05/31 20:32:58 | 000,064,304 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2010/05/31 20:32:58 | 000,055,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/05/31 20:32:58 | 000,051,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/21 20:58:28 | 001,218,048 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/08/19 08:29:26 | 000,117,664 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hspamdm.sys -- (hspamdm)
DRV - [2009/08/19 08:29:26 | 000,096,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hspaserd.sys -- (hspaserd) SAMSUNG HSPA Modem Diagnostic Serial Port (WDM)
DRV - [2009/08/19 08:29:26 | 000,089,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hspabus.sys -- (hspabus) SAMSUNG HSPA USB Composite Device driver (WDM)
DRV - [2009/08/19 08:29:26 | 000,012,832 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hspamdfl.sys -- (hspamdfl)
DRV - [2009/08/10 20:43:34 | 000,237,696 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMC326.sys -- (VMC326)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/06/15 11:10:00 | 000,313,856 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2006/09/24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\windows\system32\speedfan.sys -- (speedfan)
DRV - [1996/04/03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\system32\giveio.sys -- (giveio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.selectedEngine: "Facemoods Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.8
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {317B5128-0B0B-49b2-B2DB-1E7560E16C74}:2.7.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.7
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/06/24 22:15:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/03/14 03:10:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/03/14 03:10:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/06/26 00:18:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/23 20:48:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/23 20:48:38 | 000,000,000 | ---D | M]
 
[2010/07/07 15:41:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TestAccount\AppData\Roaming\mozilla\Extensions
[2011/06/26 00:37:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TestAccount\AppData\Roaming\mozilla\Firefox\Profiles\iucr74nb.default\extensions
[2011/04/07 01:51:57 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\TestAccount\AppData\Roaming\mozilla\Firefox\Profiles\iucr74nb.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2011/05/24 22:27:03 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\TestAccount\AppData\Roaming\mozilla\Firefox\Profiles\iucr74nb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/06/23 20:12:12 | 000,000,000 | ---D | M] (BlockSite) -- C:\Users\TestAccount\AppData\Roaming\mozilla\Firefox\Profiles\iucr74nb.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/05/24 22:27:29 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\TestAccount\AppData\Roaming\mozilla\Firefox\Profiles\iucr74nb.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/12/13 03:44:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2010/07/10 20:55:02 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/07/28 23:32:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/13 03:44:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/06/26 00:18:27 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/03/14 03:10:05 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011/03/14 03:10:06 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2011/06/24 22:15:38 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2010/05/31 20:32:58 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2010/09/15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/04/13 02:01:50 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/04/13 02:01:50 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/06/04 05:52:29 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2011/04/13 02:01:50 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/04/13 02:01:50 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/04/13 02:01:50 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
Hosts file not found
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100726195230.dll (McAfee, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKCU..\Run: [{089D51F0-49F9-B216-0ECE-983C6B0A3A3C}]  File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\windows\System32\Macromed\Flash\FlashUtil10h_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6b24539b-926f-11df-8b36-0c6076bed795}\Shell - "" = AutoRun
O33 - MountPoints2\{6b24539b-926f-11df-8b36-0c6076bed795}\Shell\AutoRun\command - "" = E:\install.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: McMPFSvc - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet: Messenger - Service
SafeBootNet: mfefire - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SafeBootNet: mfefirek - C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfefirek.sys - C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfehidk - C:\windows\system32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfehidk.sys - C:\windows\system32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfevtp - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.ZMBV - C:\windows\System32\zmbv.dll ()

 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/06/26 05:51:18 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\TestAccount\Desktop\OTL.exe
[2011/06/26 03:38:45 | 000,000,000 | ---D | C] -- C:\Users\TestAccount\AppData\Roaming\Malwarebytes
[2011/06/26 03:38:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/26 03:38:22 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/06/26 03:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/26 03:38:15 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/06/26 01:06:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/06/26 00:20:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/06/26 00:20:07 | 000,307,928 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2011/06/26 00:20:07 | 000,019,544 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2011/06/26 00:20:01 | 000,025,432 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswRdr.sys
[2011/06/26 00:20:00 | 000,049,240 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2011/06/26 00:19:59 | 000,441,176 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2011/06/26 00:19:56 | 000,053,592 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys
[2011/06/26 00:17:56 | 000,040,112 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2011/06/26 00:17:47 | 000,199,304 | ---- | C] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2011/06/26 00:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/06/26 00:17:14 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/06/23 20:07:55 | 000,000,000 | ---D | C] -- C:\Users\TestAccount\AppData\Roaming\Template
[2011/06/17 23:03:25 | 000,000,000 | ---D | C] -- C:\Users\TestAccount\AppData\Roaming\Siysa
[2011/06/17 23:03:25 | 000,000,000 | ---D | C] -- C:\Users\TestAccount\AppData\Roaming\Qyog
[2011/06/12 08:46:18 | 000,000,000 | ---D | C] -- C:\Users\TestAccount\AppData\Roaming\vlc
[2011/06/12 06:19:20 | 000,000,000 | ---D | C] -- C:\Users\TestAccount\Documents\Firstload
[2011/06/04 05:52:16 | 000,000,000 | ---D | C] -- C:\Program Files\facemoods.com
[2011/06/04 05:49:47 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2011/06/02 22:05:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/06/02 22:02:49 | 000,000,000 | ---D | C] -- C:\Program Files\Google
 
========== Files - Modified Within 30 Days ==========
 
[2011/06/26 06:08:02 | 000,001,106 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/26 05:49:50 | 000,054,016 | ---- | M] () -- C:\windows\System32\drivers\dherdjr.sys
[2011/06/26 05:49:41 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\TestAccount\Desktop\OTL.exe
[2011/06/26 00:20:09 | 000,001,994 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/06/26 00:19:56 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2011/06/25 22:13:19 | 000,001,102 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/25 12:28:11 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/06/24 13:04:06 | 000,010,272 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/24 13:04:06 | 000,010,272 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/23 20:48:58 | 000,001,903 | ---- | M] () -- C:\Users\TestAccount\Desktop\Mozilla Firefox.lnk
[2011/06/23 20:07:48 | 000,000,000 | ---- | M] () -- C:\Users\TestAccount\AppData\Roaming\wklnhst.dat
[2011/06/23 19:41:36 | 000,684,954 | ---- | M] () -- C:\windows\System32\perfh00C.dat
[2011/06/23 19:41:36 | 000,680,010 | ---- | M] () -- C:\windows\System32\perfh010.dat
[2011/06/23 19:41:36 | 000,643,866 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011/06/23 19:41:36 | 000,607,190 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/06/23 19:41:36 | 000,127,070 | ---- | M] () -- C:\windows\System32\perfc00C.dat
[2011/06/23 19:41:36 | 000,126,394 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011/06/23 19:41:36 | 000,124,006 | ---- | M] () -- C:\windows\System32\perfc010.dat
[2011/06/23 19:41:36 | 000,103,568 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/06/23 19:35:34 | 797,777,920 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/12 06:18:26 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2011/06/26 05:49:50 | 000,054,016 | ---- | C] () -- C:\windows\System32\drivers\dherdjr.sys
[2011/06/26 00:20:09 | 000,001,994 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/06/23 20:48:58 | 000,001,903 | ---- | C] () -- C:\Users\TestAccount\Desktop\Mozilla Firefox.lnk
[2011/06/23 20:07:48 | 000,000,000 | ---- | C] () -- C:\Users\TestAccount\AppData\Roaming\wklnhst.dat
[2011/06/12 06:18:26 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/06/02 22:03:35 | 000,001,106 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/02 22:03:31 | 000,001,102 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/10 22:38:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/07/07 19:08:48 | 000,000,026 | ---- | C] () -- C:\windows\NeoSetup.INI
[2010/04/09 22:08:26 | 000,094,208 | ---- | C] () -- C:\windows\System32\zmbv.dll
[2010/02/09 20:28:49 | 000,000,002 | ---- | C] () -- C:\windows\HotFixList.ini
[2010/02/09 19:52:03 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/11/10 20:19:53 | 000,680,010 | ---- | C] () -- C:\windows\System32\perfh010.dat
[2009/11/10 20:19:53 | 000,335,478 | ---- | C] () -- C:\windows\System32\perfi010.dat
[2009/11/10 20:19:53 | 000,124,006 | ---- | C] () -- C:\windows\System32\perfc010.dat
[2009/11/10 20:19:53 | 000,037,534 | ---- | C] () -- C:\windows\System32\perfd010.dat
[2009/11/10 20:10:03 | 000,643,866 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2009/11/10 20:10:03 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2009/11/10 20:10:03 | 000,126,394 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2009/11/10 20:10:03 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2009/11/10 19:59:19 | 000,684,954 | ---- | C] () -- C:\windows\System32\perfh00C.dat
[2009/11/10 19:59:19 | 000,344,522 | ---- | C] () -- C:\windows\System32\perfi00C.dat
[2009/11/10 19:59:19 | 000,127,070 | ---- | C] () -- C:\windows\System32\perfc00C.dat
[2009/11/10 19:59:19 | 000,038,160 | ---- | C] () -- C:\windows\System32\perfd00C.dat
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 06:33:53 | 000,371,000 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,607,190 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,103,568 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/07/14 00:09:19 | 000,982,196 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2009/07/14 00:09:19 | 000,417,344 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2009/07/14 00:09:19 | 000,139,824 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/07/14 00:09:19 | 000,097,448 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\windows\System32\giveio.sys
 
========== LOP Check ==========
 
[2010/07/07 15:27:09 | 000,000,000 | -HSD | M] -- C:\Users\TestAccount\AppData\Roaming\.#
[2011/04/30 03:04:09 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\.minecraft
[2011/03/17 18:29:26 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Bump Technologies, Inc
[2011/03/24 04:04:24 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\calibre
[2010/07/18 15:46:39 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\DAEMON Tools Lite
[2011/05/26 15:24:11 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\elsterformular
[2010/07/07 15:26:39 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\GameConsole
[2010/11/21 00:50:06 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Gogii
[2011/03/02 20:32:23 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\IrfanView
[2010/07/10 18:31:15 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Magic Academy 2
[2011/03/02 02:37:39 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2011/06/26 05:44:52 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Qyog
[2011/06/25 12:33:38 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Siysa
[2011/06/23 20:07:55 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Template
[2009/07/14 06:53:46 | 000,031,118 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010/07/07 15:27:09 | 000,000,000 | -HSD | M] -- C:\Users\TestAccount\AppData\Roaming\.#
[2011/04/30 03:04:09 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\.minecraft
[2011/03/02 02:14:31 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Adobe
[2011/03/17 18:29:26 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Bump Technologies, Inc
[2011/03/24 04:04:24 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\calibre
[2010/07/18 15:46:39 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\DAEMON Tools Lite
[2011/06/12 08:49:04 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\DivX
[2011/05/26 15:24:11 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\elsterformular
[2010/07/07 15:26:39 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\GameConsole
[2010/11/21 00:50:06 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Gogii
[2010/02/09 20:15:39 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Google
[2010/02/09 20:33:33 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Identities
[2011/03/02 20:32:23 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\IrfanView
[2010/07/07 15:32:06 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Macromedia
[2010/07/10 18:31:15 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Magic Academy 2
[2011/06/26 03:38:45 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Malwarebytes
[2011/03/02 02:37:39 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2011/06/23 20:07:47 | 000,000,000 | --SD | M] -- C:\Users\TestAccount\AppData\Roaming\Microsoft
[2010/07/07 15:41:26 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Mozilla
[2011/06/26 05:44:52 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Qyog
[2011/06/25 12:33:38 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Siysa
[2011/04/13 21:08:32 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Skype
[2011/04/13 16:03:02 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\skypePM
[2011/06/23 20:07:55 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\Template
[2011/06/12 08:58:46 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\vlc
[2010/07/07 19:45:06 | 000,000,000 | ---D | M] -- C:\Users\TestAccount\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2011/03/02 02:32:40 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\TestAccount\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2009/07/14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009/07/14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009/07/14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009/07/14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009/07/14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009/07/14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/07/18 15:17:18 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/14 03:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/07/14 03:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009/07/14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\FirewallAPI.dll
 
<           >

< End of report >


ICh weiß, dass hier keine Cracks und Co akzeptiert werden. Habe ich auch nicht, ich habe keine illegalen Spiele oder Programme auf der Festplatte. Einzig Daemon Tools, was in meinen Augen sicher nicht illegal ist. Wie hätte ich sonst ne alte CD hier auf das Netbook draufbekommen sollen. Das ist nämlich der Grund, warum ich hier DaemonTools drauf habe. Den Eintrag aus diesem Post zu löschen, wäre vermutlich schneller gegangen, aber trotzden nur zur Info. Spiele kaufe ich, DVDs sammle ich und am PC spiele ich eh sehr selten.

Habe DT übrigens ganz am Anfang nach Besitz des Netbooks installiert und nur einmal verwendet. Dass eine Infizierung darüber statt fand, schließe ich aus. Ich gehe stark davon aus, dass es mit Facebook zusammen hängt.

Meine Freundin hat daheim nämlich das selbe Problem mit Google Chrome und hatte zu dem Zeitpunkt den Facebook-Chat auf, bekam irgendein Fenster zu Gesicht und klickte "nein". Habe sie gefragt, was in dem Fenster stand - Sie hats nicht gelesen

Ich hoffe, dass man mir hier helfen kann, da ich echt am Verzweifeln bin.


LG Benny

 

Themen zu Google Chrome geht nicht und ausgehende Aktionen erkannt
4d36e972-e325-11ce-bfc1-08002be10318, adblock, adobe, antivirus, c:\windows\system32\rundll32.exe, device driver, facebook gesperrt, google chrome, infizierte, infizierte dateien, kommt immer wieder, nvstor.sys, plug-in, problem, pup.adgame, pup.casino, recycle.bin, siteadvisor, sptd.sys, spyware.passwords.xgen, start menu, system, taskhost.exe, trojan.fakealert, trojan.spyeyes, trojan.zbotr.gen, url:mal, warum, webcheck, winlogon.exe, wrapper


« Java-Virus JAVA/Stutter.AG und Java-Virus JAVA/Stutter.AH | Mein system wurde gehackt! Brauche Hilfe! »


Ähnliche Themen: Google Chrome geht nicht und ausgehende Aktionen erkannt


  1. Windows 7: Google Chrome startet nicht mehr
    Log-Analyse und Auswertung - 12.09.2015 (13)
  2. Google Chrome Dateien auf dem PC, obwohl nicht installiert.
    Plagegeister aller Art und deren Bekämpfung - 29.08.2015 (7)
  3. InterPol, Zahlungsaufforderung und google chrome geht nicht nicht
    Plagegeister aller Art und deren Bekämpfung - 10.08.2015 (17)
  4. Scrollen in Google Chrome geht nur noch Waagerecht
    Alles rund um Windows - 19.05.2015 (15)
  5. Virus wird nicht erkannt und öffnet Chrome
    Plagegeister aller Art und deren Bekämpfung - 17.02.2015 (3)
  6. Google Chrome - öffnet eine andere Seite beim Starten von Google Chrome (Win7)
    Plagegeister aller Art und deren Bekämpfung - 19.01.2015 (29)
  7. Google Chrome Add On Nicht Löschbar/ Ständige Werbung
    Plagegeister aller Art und deren Bekämpfung - 21.07.2014 (11)
  8. Google Chrome Add On Nicht Löschbar.
    Netzwerk und Hardware - 10.07.2014 (1)
  9. Google Chrome Startseite geht nicht weg
    Alles rund um Windows - 06.08.2013 (16)
  10. "Unbekannter Schädling" in Google Chrome erkannt
    Log-Analyse und Auswertung - 05.08.2013 (11)
  11. Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde
    Log-Analyse und Auswertung - 13.04.2013 (15)
  12. Incredibar bei google chrome nicht löschbar
    Plagegeister aller Art und deren Bekämpfung - 08.01.2013 (2)
  13. Mystart incredibar verschwindet nicht aus Google Chrome
    Plagegeister aller Art und deren Bekämpfung - 07.11.2012 (17)
  14. Modemrouter wird nicht erkannt, keine LAN Verbindung möglich, garnichts geht!
    Netzwerk und Hardware - 18.08.2012 (3)
  15. System Tool (doch nicht?) entfernt - Google Chrome startet nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 15.03.2011 (16)
  16. Google Chrome und Opera starten nicht
    Plagegeister aller Art und deren Bekämpfung - 03.11.2010 (8)
  17. Google Chrome läuft nicht mehr +Fehlermeldungen IE+WE
    Log-Analyse und Auswertung - 10.07.2010 (33)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Google Chrome geht nicht und ausgehende Aktionen erkannt - Hallo, Schritt 1: ich drehe hier noch am Rad. Seit kurzem geht Google Chrome nicht mehr richtig bzw. nur noch sporadisch. Ich dachte zuerst, das hat was mit "facemoods" zu - Google Chrome geht nicht und ausgehende Aktionen erkannt...
Archiv
Du betrachtest: Google Chrome geht nicht und ausgehende Aktionen erkannt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131