|
Pests of all kinds and how to fight them: Internet CONNECTED..but still no Internet access-Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
09.12.2012, 18:07 | #31 |
| Yes, only with ESET.. I already posted the one from Malware anyway... by "and some other things" I meant that there was something else written underneath, which I didn't remember.. otherwise I would have written it.. |
09.12.2012, 18:16 | #32 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Have you already tried ESET in Safe Mode with Networking? |
09.12.2012, 19:35 | #33 |
| sorry...but how do I do that?
I had used ESET the way you described it. |
09.12.2012, 19:59 | #34 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
But of course, here: Safe Mode for cleanup
__________________ Please always post log files in CODE tags |
23.12.2012, 17:44 | #35 |
| Hello.. I couldn't do this until now because I had a lot on my plate.. Now I wanted to do it..and suddenly this appears on my screen: "Your computer is locked. You committed criminal acts that are illegal and will be prosecuted" .. I am being asked to pay 100€, then my laptop is supposed to work again.. |
23.12.2012, 19:36 | #36 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Have you tried starting Safe Mode now, yes or no? Normally, with this lock-screen trojan, you can still use the computer in Safe Mode, or with a different Windows user account, if you created one beforehand. |
24.12.2012, 11:30 | #37 |
| Yep..I started it that way..and it still appears.. And I don't have another user :-( |
24.12.2012, 16:36 | #38 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Create an OTLPE CD on a clean second computer and then boot the infected computer from this CD: If you don't have a burning program installed, please download ISOBurner. The program will allow you to burn OTLPE to a CD and make it bootable. You only need to install the tool, the rest runs automatically => How do I burn an ISO file to CD/DVD. |
24.12.2012, 16:54 | #39 |
| Thaaanks!!! I'll have to borrow a second laptop from someone then, and then I'll do it. Merry Christmas. |
06.01.2013, 22:40 | #40 |
| I think I made it up to the point - "Your system should display the REATOGO-X-PE desktop after a few minutes." - and I also opened OTLPE,.. but when I select C: this message comes up - target is not windows 2000 or later - and my laptop keeps beeping, a loud noise; I then tried again and it's the same again, both the message and the beeping... |
07.01.2013, 21:32 | #41 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote: |
13.01.2013, 22:02 | #42 |
| I've managed it now..only I can't post it right now because the Internet doesn't work when I connect it there..and I don't have the second laptop here..this may take a while now :S can I do something else in the meantime? Are all my photos, music ..etc. actually gone? |
13.01.2013, 22:06 | #43 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Then you have to save the log on a USB stick or something and post it from another computer. The other question can probably only be answered with a [...] as it stands, without logs! |
13.01.2013, 22:51 | #44 |
| Ok thaaanks!! I already have it on the stick anyway, just need to sort out the laptop. Regards |
02.02.2013, 15:59 | #45 |
| Code:
ATTFilter OTL logfile created on: 1/13/2013 9:44:07 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System Internet Explorer (Version = 9.0.8112.16421) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files Drive C: | 69.52 Gb Total Space | 67.88 Gb Free Space | 97.65% Space Free | Partition Type: NTFS Drive D: | 69.77 Gb Total Space | 9.86 Gb Free Space | 14.14% Space Free | Partition Type: NTFS Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand] -- -- (TFDQZCJT) SRV - File not found [On_Demand] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - File not found [On_Demand] -- -- (QYMHBM) SRV - File not found [Auto] -- -- (Nero BackItUp Scheduler 4.0) SRV - [2012/12/23 11:27:49 | 000,199,544 | ---- | M] (Корпорация Майкрософт) [Auto] -- D:\Users\miKkii\wgsdgsdgdsgsd.exe -- (Winmgmt) SRV - [2012/12/12 05:18:16 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/11/29 14:31:04 | 000,038,608 | ---- | M] () [Auto] -- D:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) SRV - [2012/11/28 16:27:16 | 
000,711,112 | ---- | M] () [Auto] -- D:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0) SRV - [2012/09/29 13:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto] -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/09/29 13:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto] -- D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012/08/12 21:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- D:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/02/13 21:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- D:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2012/01/18 07:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand] -- D:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2011/02/28 12:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand] -- D:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011/02/25 04:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2009/07/13 16:18:12 | 000,071,096 | ---- | M] () [Auto] -- D:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/12/10 03:23:02 | 000,024,576 | ---- | M] () [Auto] -- D:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService) SRV - [2007/09/10 08:28:18 | 000,057,344 | ---- | M] (Acer Inc.) 
[Auto] -- D:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService) SRV - [2007/06/05 06:20:32 | 000,177,704 | ---- | M] () [Auto] -- D:\Windows\System32\PSIService.exe -- (ProtexisLicensing) SRV - [2007/05/22 08:00:02 | 000,135,168 | ---- | M] (Acer Inc.) [Auto] -- D:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service) SRV - [2007/05/16 15:15:22 | 000,163,840 | ---- | M] (acer) [Auto] -- D:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService) SRV - [2007/04/25 09:34:30 | 000,457,512 | ---- | M] (HiTRSUT) [Auto] -- D:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service) SRV - [2007/03/14 03:52:30 | 000,024,576 | ---- | M] (Acer Inc.) [Auto] -- D:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService) SRV - [2006/11/24 05:57:54 | 000,107,008 | ---- | M] () [Auto] -- D:\Acer\Mobility Center\MobilityService.exe -- (MobilityService) SRV - [2006/10/04 22:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto] -- D:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2005/07/29 08:07:10 | 001,314,816 | ---- | M] (Avocent Inc.) 
[Auto] -- D:\Acer\Empowering Technology\admServ.exe -- (AWService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (USBModem) DRV - File not found [Kernel | On_Demand] -- -- (UsbDiag) DRV - File not found [Kernel | On_Demand] -- -- (usbbus) DRV - File not found [Kernel | Boot] -- -- (TfSysMon) DRV - File not found [Kernel | On_Demand] -- -- (TfNetMon) DRV - File not found [Kernel | Boot] -- -- (TfFsMon) DRV - File not found [Kernel | On_Demand] -- -- (pctplsg) DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand] -- -- (IpInIp) DRV - File not found [Kernel | On_Demand] -- -- (catchme) DRV - [2012/11/28 16:27:18 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System] -- D:\Windows\System32\drivers\avgtpx86.sys -- (avgtp) DRV - [2012/09/29 13:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012/09/19 04:02:06 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV - [2012/08/24 09:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- D:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2012/07/25 21:21:30 | 000,237,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- D:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2012/04/18 21:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- D:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2012/01/30 21:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) 
[File_System | Boot] -- D:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2012/01/02 07:53:23 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ggsemc.sys -- (ggsemc) DRV - [2012/01/02 07:53:23 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ggflt.sys -- (ggflt) DRV - [2011/12/23 06:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- D:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011/12/23 06:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- D:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2011/12/23 06:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- D:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter) DRV - [2011/12/23 06:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- D:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2008/04/18 19:29:00 | 000,894,976 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\athrusb.sys -- (athrusb) DRV - [2007/11/30 08:51:34 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto] -- D:\Windows\System32\drivers\int15.sys -- (int15) DRV - [2007/11/06 15:22:06 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand] -- D:\Windows\System32\drivers\npf.sys -- (NPF) DRV - [2007/10/01 08:21:08 | 001,129,344 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand] -- D:\Windows\System32\drivers\HCW85BDA.sys -- (HCW85BDA) DRV - [2007/07/30 15:13:10 | 000,743,424 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand] -- D:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2007/03/09 00:56:04 | 001,163,616 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- D:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2005/07/19 07:15:14 | 000,011,978 | ---- | M] (OSA Technologies) [Kernel | System] -- D:\Windows\System32\drivers\OsaFsLoc.sys -- (OsaFsLoc) DRV - [2005/06/30 09:58:24 | 000,007,296 | ---- | M] (OSA Technologies, An Avocent Company) [Kernel | Auto] -- D:\Windows\System32\drivers\osaio.sys -- (osaio) DRV - [2005/05/02 05:13:42 | 000,009,600 | ---- | M] () [Kernel | On_Demand] -- D:\Windows\System32\drivers\NETMNT.sys -- (NETMNT) DRV - [2005/01/14 08:57:16 | 000,004,010 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto] -- D:\Windows\System32\drivers\osanbm.sys -- (osanbm) DRV - [2004/06/07 11:32:34 | 000,005,035 | ---- | M] (OSA Technologies) [Kernel | On_Demand] -- D:\Windows\System32\drivers\NdisFilt.sys -- (NdisFilt) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.thebflix.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\miKkii_ON_D\Software\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\miKkii\MUSIK IE - HKU\miKkii_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.live.com [binary data] IE - HKU\miKkii_ON_D\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\miKkii_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/ IE - HKU\miKkii_ON_D\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\miKkii_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\miKkii_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - 
HKU\NetworkService_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: D:\Windows\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: D:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: D:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: D:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: D:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: D:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: D:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: D:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/22 18:45:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/11/03 02:33:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012/12/23 10:49:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/05 12:35:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/23 10:48:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/03/29 15:23:49 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions [2009/06/18 15:42:43 | 000,000,000 | ---D | M] ("searchme") -- D:\Program Files\Mozilla Firefox\extensions\searchme@searchme.com [2012/03/12 23:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll [2012/02/20 05:25:21 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) 
-- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012/12/23 10:48:29 | 000,124,056 | ---- | M] (RealPlayer) -- D:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2012/03/13 00:23:34 | 000,001,392 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/03/13 00:06:36 | 000,002,252 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/03/13 00:23:34 | 000,001,153 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012/03/13 00:23:34 | 000,006,805 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2009/03/13 04:39:56 | 000,002,494 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\searchme.xml [2012/03/13 00:23:34 | 000,001,178 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012/03/13 00:23:34 | 000,001,105 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012/12/04 13:53:49 | 000,000,027 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - D:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) 
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - D:\Windows\System32\eDStoolbar.dll (HiTRUST) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - D:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKU\miKkii_ON_D\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - D:\Windows\System32\eDStoolbar.dll (HiTRUST) O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AutoEJCD_0ACE20FF] D:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE () O4 - HKLM..\Run: [AVG_TRAY] D:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [DivXUpdate] D:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [eDataSecurity Loader] D:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST) O4 - HKLM..\Run: [HF_G_Jul] File not found O4 - HKLM..\Run: [NeroFilterCheck] D:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [TkBellExe] D:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Ulead AutoDetector v2] D:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.) O4 - HKLM..\Run: [vProt] File not found O4 - HKU\miKkii_ON_D..\Run: [Sony PC Companion] D:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony) O4 - HKU\miKkii_ON_D..\Run: [WindowsWelcomeCenter] D:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - Startup: Error locating startup folders. 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\miKkii_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab (CeWe Color AG & Co. OHG Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldde-at.cab (Windows Live Hotmail Photo Upload Tool) O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O20 - AppInit_DLLs: (C:\Windows\System32\eNetHook.dll) - D:\Windows\System32\eNetHook.dll (acer) O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) - D:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012/12/23 10:50:40 | 000,000,000 | ---D | C] -- D:\Users\miKkii\AppData\Roaming\RealNetworks [2012/12/23 10:49:18 | 000,000,000 | ---D | C] -- D:\Program Files\RealNetworks [2012/12/23 10:49:15 | 000,000,000 | ---D | C] -- D:\ProgramData\RealNetworks [2012/12/23 10:49:01 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\xing shared [2012/12/23 10:48:48 | 000,201,424 | ---- | C] (RealNetworks, Inc.) -- D:\Windows\System32\rmoc3260.dll [2012/12/23 10:48:22 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- D:\Windows\System32\pndx5016.dll [2012/12/23 10:48:22 | 000,005,632 | ---- | C] (RealNetworks, Inc.) 
-- D:\Windows\System32\pndx5032.dll [2012/12/23 10:48:21 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks [2012/12/23 10:48:19 | 000,272,896 | ---- | C] (Progressive Networks) -- D:\Windows\System32\pncrt.dll [2012/12/23 10:45:46 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012/12/23 10:44:39 | 000,000,000 | ---D | C] -- D:\Program Files\Google [2012/12/22 05:05:20 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\System32\atmfd.dll [2012/12/22 05:05:20 | 000,034,304 | ---- | C] (Adobe Systems) -- D:\Windows\System32\atmlib.dll [2012/12/21 04:21:18 | 000,176,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll [2012/12/21 04:21:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jsproxy.dll [2012/12/21 04:21:16 | 000,607,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll [2012/12/20 07:22:28 | 002,382,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtml.tlb [2012/12/20 07:22:27 | 000,420,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll [2012/12/20 07:22:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe [2012/12/20 07:22:25 | 000,717,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll [2012/12/20 07:22:24 | 001,800,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll [2012/12/20 07:22:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\url.dll [2012/12/20 07:22:22 | 001,427,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl [2012/12/20 07:18:03 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Wdfres.dll [2012/12/20 07:17:49 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\winusb.dll [2012/12/20 07:17:48 | 000,172,032 | ---- | C] (Microsoft Corporation) -- 
D:\Windows\System32\WUDFPlatform.dll [2012/12/20 07:17:44 | 000,047,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\WdfLdr.sys [2012/12/20 07:17:41 | 000,613,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WUDFx.dll [2012/12/20 07:17:41 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WUDFCoinstaller.dll [2009/06/24 06:32:45 | 000,047,360 | ---- | C] (VSO Software) -- D:\Users\miKkii\AppData\Roaming\pcouffin.sys [2009/06/16 07:03:56 | 000,126,976 | ---- | C] ( ) -- D:\Windows\System32\Interop.SHDocVw.dll [2009/04/06 05:25:09 | 000,016,384 | ---- | C] ( ) -- D:\Windows\System32\ClearEvent.exe ========== Files - Modified Within 30 Days ========== [2013/01/13 15:09:10 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat [2013/01/13 15:07:31 | 000,004,320 | ---- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013/01/13 15:07:28 | 000,004,320 | ---- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013/01/13 15:07:19 | 000,001,094 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/01/13 15:06:59 | 095,023,320 | ---- | M] () -- D:\ProgramData\dsgsdgdsgdsgw.pad [2012/12/23 11:28:14 | 000,002,915 | ---- | M] () -- D:\ProgramData\dsgsdgdsgdsgw.js [2012/12/23 11:28:14 | 000,000,886 | ---- | M] () -- D:\Users\miKkii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk [2012/12/23 11:18:00 | 000,000,884 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job [2012/12/23 11:05:09 | 104,095,949 | ---- | M] () -- D:\Windows\System32\drivers\AVG\incavi.avm [2012/12/23 10:57:37 | 000,001,098 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/12/23 10:57:34 | 000,001,971 | ---- | M] () -- D:\Users\Public\Desktop\Google Chrome.lnk [2012/12/23 10:49:30 | 000,000,937 | ---- | M] () -- D:\Users\Public\Desktop\RealPlayer.lnk 
[2012/12/23 10:49:21 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks [2012/12/23 10:48:48 | 000,201,424 | ---- | M] (RealNetworks, Inc.) -- D:\Windows\System32\rmoc3260.dll [2012/12/23 10:48:23 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- D:\Windows\System32\pndx5032.dll [2012/12/23 10:48:22 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- D:\Windows\System32\pndx5016.dll [2012/12/23 10:48:19 | 000,272,896 | ---- | M] (Progressive Networks) -- D:\Windows\System32\pncrt.dll [2012/12/23 10:45:47 | 000,001,955 | ---- | M] () -- D:\Users\miKkii\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012/12/23 10:45:46 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012/12/22 14:13:40 | 000,000,560 | -H-- | M] () -- D:\Windows\tasks\Norton Security Scan for miKkii.job [2012/12/22 12:39:52 | 000,175,092 | ---- | M] () -- D:\Windows\System32\drivers\AVG\iavichjg.avm [2012/12/22 05:35:42 | 001,478,888 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT [2012/12/20 07:12:27 | 000,727,908 | ---- | M] () -- D:\Windows\System32\perfh007.dat [2012/12/20 07:12:27 | 000,640,436 | ---- | M] () -- D:\Windows\System32\perfh009.dat [2012/12/20 07:12:27 | 000,190,710 | ---- | M] () -- D:\Windows\System32\perfc007.dat [2012/12/20 07:12:27 | 000,132,062 | ---- | M] () -- D:\Windows\System32\perfc009.dat [2012/12/16 08:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- D:\Windows\System32\atmlib.dll [2012/12/16 05:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\atmfd.dll ========== Files Created - No Company Name ========== [2012/12/23 11:28:14 | 000,002,915 | ---- | C] () -- D:\ProgramData\dsgsdgdsgdsgw.js [2012/12/23 11:28:14 | 000,000,886 | ---- | C] () -- D:\Users\miKkii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk [2012/12/23 11:27:55 | 095,023,320 | ---- | C] () -- D:\ProgramData\dsgsdgdsgdsgw.pad 
[2012/12/23 10:49:30 | 000,000,937 | ---- | C] () -- D:\Users\Public\Desktop\RealPlayer.lnk
[2012/12/23 10:45:47 | 000,001,971 | ---- | C] () -- D:\Users\Public\Desktop\Google Chrome.lnk
[2012/12/23 10:45:47 | 000,001,955 | ---- | C] () -- D:\Users\miKkii\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/12/23 10:45:12 | 000,001,098 | ---- | C] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/23 10:45:09 | 000,001,094 | ---- | C] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/20 07:18:21 | 000,000,003 | ---- | C] () -- D:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/12/20 07:18:21 | 000,000,003 | ---- | C] () -- D:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/12/04 13:39:04 | 000,256,000 | ---- | C] () -- D:\Windows\PEV.exe
[2012/12/04 13:39:04 | 000,208,896 | ---- | C] () -- D:\Windows\MBR.exe
[2012/12/04 13:39:04 | 000,098,816 | ---- | C] () -- D:\Windows\sed.exe
[2012/12/04 13:39:04 | 000,080,412 | ---- | C] () -- D:\Windows\grep.exe
[2012/12/04 13:39:04 | 000,068,096 | ---- | C] () -- D:\Windows\zip.exe
[2011/11/27 14:51:25 | 000,044,544 | ---- | C] () -- D:\Windows\System32\Gif89.dll
[2010/08/29 09:49:15 | 000,002,560 | ---- | C] () -- D:\Windows\_MSRSTRT.EXE
[2010/03/12 12:55:35 | 000,819,200 | ---- | C] () -- D:\Windows\System32\xvidcore.dll
[2010/03/12 12:55:35 | 000,180,224 | ---- | C] () -- D:\Windows\System32\xvidvfw.dll
[2009/11/01 06:29:17 | 000,149,504 | ---- | C] () -- D:\Windows\System32\UNWISE.EXE
[2009/11/01 06:28:31 | 000,065,536 | ---- | C] () -- D:\Windows\System32\dmcrypto.dll
[2009/11/01 06:26:10 | 000,000,135 | ---- | C] () -- D:\Windows\ODBC.INI
[2009/11/01 06:26:09 | 000,000,209 | ---- | C] () -- D:\Windows\ODBCINST.INI
[2009/11/01 06:26:06 | 000,163,840 | ---- | C] () -- D:\Windows\System32\hcwChDB.dll
[2009/11/01 06:25:06 | 000,006,568 | ---- | C] () -- D:\Windows\HCWPNP.INI
[2009/11/01 06:22:59 | 000,066,048 | ---- | C] () -- D:\Windows\System32\hcwxds.dll
[2009/10/25 13:57:46 | 000,107,612 | ---- | C] () -- D:\Windows\System32\StructuredQuerySchema.bin
[2009/10/25 13:57:45 | 000,117,248 | ---- | C] () -- D:\Windows\System32\EhStorAuthn.dll
[2009/07/23 08:08:32 | 000,000,039 | ---- | C] () -- D:\Windows\Irremote.ini
[2009/06/26 14:38:17 | 000,027,648 | ---- | C] () -- D:\Windows\System32\AVSredirect.dll
[2009/06/24 06:32:45 | 000,007,887 | ---- | C] () -- D:\Users\miKkii\AppData\Roaming\pcouffin.cat
[2009/06/24 06:32:45 | 000,001,144 | ---- | C] () -- D:\Users\miKkii\AppData\Roaming\pcouffin.inf
[2009/06/16 07:03:58 | 000,053,248 | ---- | C] () -- D:\Windows\System32\dossec.dll
[2009/06/09 04:25:37 | 000,001,024 | RH-- | C] () -- D:\Windows\System32\NTIMPEG2.dll
[2009/06/09 04:25:37 | 000,001,024 | RH-- | C] () -- D:\Windows\System32\NTIMP3.dll
[2009/06/09 04:25:37 | 000,001,024 | RH-- | C] () -- D:\Windows\System32\NTICDMK7.dll
[2009/05/15 10:58:33 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat
[2009/05/04 11:06:12 | 000,006,550 | ---- | C] () -- D:\Windows\jautoexp.dat
[2009/05/03 10:55:21 | 000,000,501 | ---- | C] () -- D:\Windows\ulead32.ini
[2009/04/06 12:12:47 | 000,018,904 | ---- | C] () -- D:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/04/06 05:38:47 | 000,015,656 | ---- | C] () -- D:\Windows\System32\drivers\int15_64.sys
[2009/04/06 05:30:41 | 000,065,536 | ---- | C] () -- D:\Windows\System32\NATTraversal.dll
[2009/04/06 05:25:09 | 000,016,384 | ---- | C] () -- D:\Windows\System32\LauncheRyAgentUser.exe
[2009/04/03 13:07:12 | 000,024,576 | ---- | C] () -- D:\Windows\System32\PressCancel.exe
[2009/04/02 13:12:14 | 000,000,552 | ---- | C] () -- D:\Users\miKkii\AppData\Local\d3d8caps.dat
[2009/04/02 13:09:12 | 000,094,720 | ---- | C] () -- D:\Users\miKkii\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/02 13:03:28 | 000,001,356 | ---- | C] () -- D:\Users\miKkii\AppData\Local\d3d9caps.dat
[2008/06/25 10:34:00 | 001,953,696 | ---- | C] () -- D:\Windows\System32\igklg400.dll
[2008/06/25 10:34:00 | 001,533,360 | ---- | C] () -- D:\Windows\System32\igklg450.dll
[2008/06/25 10:34:00 | 000,147,456 | ---- | C] () -- D:\Windows\System32\igfxCoIn_v1409.dll
[2008/06/25 10:34:00 | 000,104,636 | ---- | C] () -- D:\Windows\System32\igmedcompkrn.dll
[2008/01/21 02:15:58 | 000,727,908 | ---- | C] () -- D:\Windows\System32\perfh007.dat
[2008/01/21 02:15:58 | 000,290,748 | ---- | C] () -- D:\Windows\System32\perfi007.dat
[2008/01/21 02:15:58 | 000,190,710 | ---- | C] () -- D:\Windows\System32\perfc007.dat
[2008/01/21 02:15:58 | 000,036,916 | ---- | C] () -- D:\Windows\System32\perfd007.dat
[2007/11/06 15:19:28 | 000,053,299 | ---- | C] () -- D:\Windows\System32\pthreadVC.dll
[2007/06/05 06:20:32 | 000,177,704 | ---- | C] () -- D:\Windows\System32\PSIService.exe
[2007/04/25 09:33:22 | 000,266,240 | ---- | C] () -- D:\Windows\System32\NotesExtmngr.dll
[2007/04/25 09:32:50 | 000,204,800 | ---- | C] () -- D:\Windows\System32\NotesActnMenu.dll
[2007/04/25 09:32:46 | 000,086,016 | ---- | C] () -- D:\Windows\System32\MSNSpook.dll
[2007/04/25 09:31:00 | 000,028,672 | ---- | C] () -- D:\Windows\System32\BatchCrypto.dll
[2007/04/25 09:30:52 | 000,073,728 | ---- | C] () -- D:\Windows\System32\APISlice.dll
[2007/04/25 09:30:44 | 000,063,488 | ---- | C] () -- D:\Windows\System32\ShowErrMsg.dll
[2006/12/25 08:44:48 | 000,022,016 | ---- | C] () -- D:\Windows\System32\MailFormat_U.dll
[2006/11/12 22:50:06 | 000,071,680 | ---- | C] () -- D:\Windows\System32\HTCA_SelfExtract.bin
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 001,478,888 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- D:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,640,436 | ---- | C] () -- D:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- D:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,132,062 | ---- | C] () -- D:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- D:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- D:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat
[2005/05/02 05:13:42 | 000,009,600 | ---- | C] () -- D:\Windows\System32\drivers\NETMNT.sys
[2001/12/26 08:12:30 | 000,065,536 | ---- | C] () -- D:\Windows\System32\multiplex_vcd.dll
[2001/09/03 15:46:38 | 000,110,592 | ---- | C] () -- D:\Windows\System32\Hmpg12.dll
[2001/07/30 08:33:56 | 000,118,784 | ---- | C] () -- D:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 14:04:36 | 000,118,784 | ---- | C] () -- D:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2009/04/06 05:32:45 | 000,000,000 | ---D | M] -- D:\ProgramData\Acer
[2009/04/02 13:01:06 | 000,000,000 | -HSD | M] -- D:\ProgramData\Anwendungsdaten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2012/06/02 11:46:33 | 000,000,000 | ---D | M] -- D:\ProgramData\AVG2012
[2012/06/02 10:04:05 | 000,000,000 | ---D | M] -- D:\ProgramData\avg9
[2009/04/08 05:01:18 | 000,000,000 | ---D | M] -- D:\ProgramData\Azureus
[2009/08/24 12:41:58 | 000,000,000 | ---D | M] -- D:\ProgramData\Canneverbe Limited
[2011/03/14 14:13:24 | 000,000,000 | -H-D | M] -- D:\ProgramData\Common Files
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2009/04/02 13:01:06 | 000,000,000 | -HSD | M] -- D:\ProgramData\Dokumente
[2010/02/06 15:12:33 | 000,000,000 | ---D | M] -- D:\ProgramData\Electronic Arts
[2009/05/13 04:05:07 | 000,000,000 | ---D | M] -- D:\ProgramData\ESET
[2009/04/02 13:01:06 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoriten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2009/07/23 08:27:53 | 000,000,000 | ---D | M] -- D:\ProgramData\LightScribe
[2010/01/19 16:00:40 | 000,000,000 | ---D | M] -- D:\ProgramData\Messenger Plus!
[2012/12/26 05:01:17 | 000,000,000 | ---D | M] -- D:\ProgramData\MFAData
[2009/10/16 12:14:31 | 000,000,000 | ---D | M] -- D:\ProgramData\Novatel Wireless
[2009/05/08 15:13:03 | 000,000,000 | ---D | M] -- D:\ProgramData\PopCap Games
[2012/03/09 15:25:50 | 000,000,000 | ---D | M] -- D:\ProgramData\Sony
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2009/04/02 13:01:06 | 000,000,000 | -HSD | M] -- D:\ProgramData\Startmenü
[2012/06/02 09:54:39 | 000,000,000 | ---D | M] -- D:\ProgramData\TEMP
[2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2011/12/23 15:52:20 | 000,000,000 | ---D | M] -- D:\ProgramData\tmp
[2009/04/17 01:48:27 | 000,000,000 | ---D | M] -- D:\ProgramData\Ulead Systems
[2009/04/02 13:01:06 | 000,000,000 | -HSD | M] -- D:\ProgramData\Vorlagen
[2010/01/22 08:23:37 | 000,000,000 | ---D | M] -- D:\ProgramData\WindowsSearch
[2009/09/11 07:30:47 | 000,000,000 | ---D | M] -- D:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2013/01/13 15:09:03 | 000,032,578 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 167 bytes -> D:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> D:\ProgramData\TEMP:1CA73D29

< End of report >