| |
| |||||||
Log-Analyse und Auswertung: Mein Pc wird immer langsamer und hat Internet ProblemeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
11.04.2010, 19:33
| #16 |
  |  Mein Pc wird immer langsamer und hat Internet Probleme Hi, Combofix Lade Combo Fix von http://download.bleepingcomputer.com/sUBs/ComboFix.exe und speichert es auf den Desktop. Antivierenlösung komplett auschalten und zwar so, dass sie sich auch nach einem Reboot NICHT einschaltet! Achtung: In einigen wenigen Fällen kann es vorkommen, das der Rechner nicht mehr booten kann und Neuaufgesetzt werden muß! Alle Fenster schliessen und combofix.exe starten und bestätige die folgende Abfrage mit 1 und drücke Enter. Der Scan mit Combofix kann einige Zeit in Anspruch nehmen, also habe etwas Geduld. Während des Scans bitte nichts am Rechner unternehmen Es kann möglich sein, dass der Rechner zwischendurch neu gestartet wird. chris
__________________  Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden  ) |
|
02.06.2010, 09:57
| #17 |
 | Mein Pc wird immer langsamer und hat Internet Probleme mein pc benimmt sich im moment wieder so komisch braucht ewigkeiten bis er richtig hochgefahren ist und bis er mal richtig reagiert dauert es auch ganz lange werde fast verrückt würde mich über eine Auswertung von euch sehr freuen
__________________lg sendet nici8880 OTL Logfile: Code:
ATTFilter OTL logfile created on: 02.06.2010 10:48:05 - Run 3 OTL by OldTimer - Version 3.2.5.3 Folder = C:\Users\nici8880\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18904) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 47,00% Memory free 10,00 Gb Paging File | 8,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): c:\pagefile.sys 6141 6141 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 581,64 Gb Total Space | 440,32 Gb Free Space | 75,70% Space Free | Partition Type: NTFS Drive D: | 14,53 Gb Total Space | 1,42 Gb Free Space | 9,79% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: NICI8880-PC Current User Name: nici8880 Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\nici8880\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Users\nici8880\AppData\Local\Temp\OnlineScanner\Anti-Virus\fssm32.exe (F-Secure Corporation) PRC - C:\Users\nici8880\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk32.exe (F-Secure Corporation) PRC - C:\Users\nici8880\AppData\Local\Temp\fsonlinescanner.exe (F-Secure Corporation) PRC - C:\Users\nici8880\Downloads\Tralala.exe () PRC - C:\Program Files (x86)\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.) PRC - C:\Program Files (x86)\IncrediMail\bin\ImApp.exe (IncrediMail, Ltd.) PRC - C:\Program Files (x86)\Paradiesbar\paradiesbar.exe () PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) ========== Modules (SafeList) ========== MOD - C:\Users\nici8880\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation) MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com) SRV:64bit: - (osppsvc) -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation) SRV:64bit: - (BthServ) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation) SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2010.03.29 05:42:29 | 000,000,000 | ---D | M] SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) SRV - (cvhsvc) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (MWAgent) -- C:\Program Files (x86)\Common Files\MicroWorld\Agent\MWASER.EXE (MicroWorld Technologies Inc.) SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof () SRV - (VSS) -- C:\Windows\SysWOW64\wbem\vss.mof () ========== Driver Services (SafeList) ========== DRV:64bit: - (KLIF) -- C:\Windows\SysNative\DRIVERS\klif.sys (Kaspersky Lab) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\DRIVERS\klim6.sys (Kaspersky Lab) DRV:64bit: - (phaudlwr) -- C:\Windows\SysNative\DRIVERS\phaudlwr.sys (Philips Applied Technologies) DRV:64bit: - (KLBG) -- C:\Windows\SysNative\DRIVERS\klbg.sys (Kaspersky Lab) DRV:64bit: - (gbridge) -- C:\Windows\SysNative\DRIVERS\gbridge64.sys (Gbridge LLC) DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\DRIVERS\klmouflt.sys (Kaspersky Lab) DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\DRIVERS\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (kl1) -- C:\Windows\SysNative\DRIVERS\kl1.sys (Kaspersky Lab) DRV:64bit: - (bdfsfltr) -- C:\Windows\SysNative\DRIVERS\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA) DRV:64bit: - (BTHPORT) -- C:\Windows\SysNative\Drivers\BTHport.sys (Microsoft Corporation) DRV:64bit: - (RFCOMM) Bluetooth-Gerät (RFCOMM-Protokoll-TDI) -- C:\Windows\SysNative\DRIVERS\rfcomm.sys (Microsoft Corporation) DRV:64bit: - (BthEnum) -- C:\Windows\SysNative\DRIVERS\BthEnum.sys (Microsoft Corporation) DRV:64bit: - (BTHUSB) -- C:\Windows\SysNative\Drivers\BTHUSB.sys (Microsoft Corporation) DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation) DRV:64bit: - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\SysNative\drivers\usbaudio.sys (Microsoft Corporation) DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation ) DRV:64bit: - (RtNdPt60) -- C:\Windows\SysNative\DRIVERS\RtNdPt60.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (btnetBUs) -- C:\Windows\SysNative\Drivers\btnetBus.sys () DRV:64bit: - (UimBus) -- C:\Windows\SysNative\DRIVERS\uimx64.sys (Windows (R) 2000 DDK provider) DRV:64bit: - (ENTECH64) -- C:\Windows\SysNative\DRIVERS\ENTECH64.sys (EnTech Taiwan) DRV:64bit: - (SPC1030) USB2.0 PC Camera (SPC1030) -- C:\Windows\SysNative\DRIVERS\spc1030.sys () DRV:64bit: - (teamviewervpn) -- C:\Windows\SysNative\DRIVERS\teamviewervpn.sys (TeamViewer GmbH) DRV:64bit: - (usbvideo) USB-Videogerät (WDM) -- C:\Windows\SysNative\Drivers\usbvideo.sys (Microsoft Corporation) DRV:64bit: - (BthPan) Bluetooth-Gerät (PAN) -- C:\Windows\SysNative\DRIVERS\bthpan.sys (Microsoft Corporation) DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (cpudrv64) -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys () DRV - (sftplay) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftplaylh.sys (Microsoft Corporation) DRV - (sftvol) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftVollh.sys (Microsoft Corporation) DRV - (sftfs) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftFSlh.sys (Microsoft Corporation) DRV - (RSUSBSTOR) -- C:\Windows\SysWOW64\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV - (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) -- c:\Programme\PC-Doctor for Windows\pcdsrvc_x64.pkms (PC-Doctor, Inc.) DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof () DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof () DRV - (SPC1030) USB2.0 PC Camera (SPC1030) -- C:\Windows\spc1030.ini () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 0.0.0.0:80 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.9.98 FF - prefs.js..keyword.URL: "hxxp://www.searchqu.com/web?src=ffb&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.05.21 10:09:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.05.28 09:02:17 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010.05.25 14:19:00 | 000,000,000 | ---D | M] [2010.05.21 10:09:11 | 000,000,000 | ---D | M] -- C:\Users\nici8880\AppData\Roaming\mozilla\Extensions [2010.06.01 20:57:08 | 000,000,000 | ---D | M] -- C:\Users\nici8880\AppData\Roaming\mozilla\Firefox\Profiles\hsb5ds28.default\extensions [2010.05.22 11:18:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\nici8880\AppData\Roaming\mozilla\Firefox\Profiles\hsb5ds28.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.04.12 14:01:50 | 000,005,495 | ---- | M] () -- C:\Users\nici8880\AppData\Roaming\Mozilla\FireFox\Profiles\hsb5ds28.default\searchplugins\SearchquWebSearch.xml [2010.06.01 20:57:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010.05.25 09:00:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.05.25 09:00:30 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml [2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.04.12 14:01:50 | 000,005,495 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchquWebSearch.xml [2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.05.25 11:00:40 | 000,394,868 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 13638 more lines... O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\ievkbd.dll (Kaspersky Lab) O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - HKLM..\RunOnce: [removedatamngr] File not found O4 - HKLM..\RunOnce: [removetoolbar] File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 189 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108835 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1 O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm () O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm () O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab) O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra 'Tools' menuitem : RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html () O9 - Extra Button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra 'Tools' menuitem : RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html () O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra 'Tools' menuitem : RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.216.127.130 82.212.63.122 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\sbhook64.dll (Kaspersky Lab) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\kloehk.dll (Kaspersky Lab) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab) O22:64bit: - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - C:\Program Files (x86)\Stardock\Object Desktop\DeskScapes\deskscapes.dll (Stardock Corporation) O22:64bit: - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - Stardock Vista ControlPanel Extension - C:\Program Files (x86)\Stardock\Object Desktop\DeskScapes\DesktopControlPanel.dll (Stardock) O22:64bit: - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - StardockDreamController - C:\Program Files (x86)\Stardock\Object Desktop\DeskScapes\DreamControl.dll (Stardock) O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2010.06.01 09:05:15 | 000,000,000 | ---- | M] () - C:\Autoexec.bat -- [ NTFS ] O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKCU\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.06.02 08:55:11 | 000,085,969 | ---- | C] (GMER) -- C:\Windows\SysWow64\drivers\gmer.sys [2010.06.02 08:48:07 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Roaming\SUPERAntiSpyware.com [2010.06.02 08:48:07 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2010.06.02 08:47:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SASCORE [2010.06.02 08:47:04 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware [2010.06.02 08:44:18 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Roaming\EurekaLog [2010.06.01 23:31:43 | 000,624,640 | ---- | C] (Jan Kolarik & Ondrej Vaverka) -- C:\Windows\Müller® Buttermilch.scr [2010.06.01 23:31:43 | 000,495,104 | ---- | C] (Jan Kolarik & Ondrej Vaverka) -- C:\Windows\Müller® Buttermilch.exe [2010.06.01 23:31:42 | 000,000,000 | ---D | C] -- C:\Windows\Müller® Buttermilch Uninstaller [2010.06.01 09:04:53 | 000,000,000 | ---D | C] -- C:\SMCLPAV [2010.05.31 15:44:31 | 000,000,000 | ---D | C] -- C:\scc_41 [2010.05.31 15:30:30 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Roaming\Panda Security [2010.05.31 15:29:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security [2010.05.28 15:19:29 | 000,000,000 | ---D | C] -- C:\Users\nici8880\Desktop\Schlagerheini präsentiert - WM-Songs 2010 [2010.05.27 09:14:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Searchqu Toolbar [2010.05.26 19:51:54 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Roaming\K-Meleon [2010.05.26 19:51:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Meleon [2010.05.26 15:30:01 | 000,000,000 | ---D | C] -- C:\Users\nici8880\Desktop\Ich_und_Ich_-_Gute_Reise-DE-2009-MOD [2010.05.26 12:10:52 | 001,958,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2010.05.26 12:10:52 | 001,146,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2010.05.26 12:10:52 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2010.05.26 12:10:52 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2010.05.26 12:10:51 | 002,602,016 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2010.05.26 12:10:51 | 000,476,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2010.05.26 12:10:51 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2010.05.26 12:10:51 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2010.05.26 12:10:49 | 000,330,656 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2010.05.26 11:53:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Publish Data [2010.05.26 10:18:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Software4u [2010.05.26 10:18:34 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Roaming\Software4u [2010.05.26 10:18:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\S.A.D [2010.05.26 08:30:46 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ctfmon.exe.backup [2010.05.25 14:18:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab [2010.05.25 14:17:02 | 000,353,296 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys [2010.05.25 13:31:09 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Roaming\Malwarebytes [2010.05.25 11:48:54 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW(0) [2010.05.25 11:14:48 | 000,000,000 | ---D | C] -- C:\Users\nici8880\Documents\My Webcam Recordings [2010.05.25 10:59:48 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Users\nici8880\Desktop\regedit.exe.back [2010.05.25 10:51:35 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Roaming\MessengerDiscovery 2 [2010.05.25 10:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\MessengerDiscovery 2 [2010.05.25 10:51:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MessengerDiscovery 2 [2010.05.25 09:01:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2010.05.25 09:00:45 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2010.05.25 09:00:45 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2010.05.25 09:00:45 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2010.05.25 09:00:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2010.05.24 18:46:02 | 000,000,000 | ---D | C] -- C:\Users\nici8880\Desktop\German_Top_100_Single_Charts_17_05_2010 [2010.05.22 10:59:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\F-Secure [2010.05.22 10:53:57 | 000,000,000 | ---D | C] -- C:\ProgramData\fssg [2010.05.22 09:12:50 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Roaming\URSoft [2010.05.22 09:12:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Your Uninstaller 2010 [2010.05.22 08:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis [2010.05.22 08:13:15 | 000,237,600 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\snman380.sys [2010.05.22 08:08:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Acronis [2010.05.21 21:24:20 | 000,000,000 | ---D | C] -- C:\Users\nici8880\Documents\Verlauf [2010.05.21 13:54:35 | 000,000,000 | ---D | C] -- C:\Users\nici8880\DoctorWeb [2010.05.21 10:09:03 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Roaming\Mozilla [2010.05.20 10:03:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2010.05.20 10:03:09 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2010.05.20 10:01:58 | 000,000,000 | ---D | C] -- C:\Users\nici8880\Documents\My Received Files [2010.05.20 09:54:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileHippo.com [2010.05.20 09:34:26 | 000,000,000 | ---D | C] -- C:\Programme\DivX [2010.05.20 09:33:24 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2010.05.20 09:32:49 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Local\CrashDumps [2010.05.20 09:32:04 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Roaming\DivX [2010.05.20 08:42:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECACHE [2010.05.19 10:28:56 | 032,058,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe [2010.05.19 09:58:26 | 010,222,080 | ---- | C] (Foxit Corporation) -- C:\Users\nici8880\Desktop\Foxit Reader.exe [2010.05.19 09:51:36 | 000,499,712 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll [2010.05.18 17:41:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security [2010.05.18 15:19:45 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe [2010.05.18 15:19:45 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe [2010.05.18 15:08:42 | 000,354,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll [2010.05.18 15:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2010.05.18 14:37:10 | 000,000,000 | ---D | C] -- C:\!KillBox [2010.05.18 13:00:53 | 000,000,000 | ---D | C] -- C:\Temp [2010.05.18 10:21:07 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Local\GMail Drive [2010.05.16 18:36:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DrWeb [2010.05.16 12:29:23 | 000,000,000 | ---D | C] -- C:\Programme\Alwil Software [2010.05.16 11:27:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\N360_BACKUP [2010.05.16 11:17:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue [2010.05.16 11:16:41 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Roaming\Tific [2010.05.15 23:51:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\make-euros 4.2.1 [2010.05.15 17:19:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ShellExt [2010.05.15 16:52:22 | 000,000,000 | ---D | C] -- C:\Users\nici8880\Documents\MeineBackups [2010.05.15 16:35:03 | 001,580,576 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\tdrpm140.sys [2010.05.15 16:34:30 | 000,880,160 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys [2010.05.15 16:34:30 | 000,083,488 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\tifsfilt.sys [2010.05.12 21:33:56 | 000,000,000 | ---D | C] -- C:\Users\nici8880\Documents\Backups [2010.05.12 18:56:27 | 000,000,000 | ---D | C] -- C:\Users\nici8880\Documents\IM [2010.05.12 18:33:59 | 000,000,000 | ---D | C] -- C:\Programme\Philips [2010.05.12 18:33:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SPC1030NC [2010.05.12 18:33:53 | 000,000,000 | ---D | C] -- C:\Windows\Philips [2010.05.06 18:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications [2010.05.06 16:34:31 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Roaming\NVD [2010.05.06 16:34:31 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Local\NVD [2010.05.06 16:34:05 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Local\SoftGrid Client [2010.05.06 16:34:04 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Roaming\SoftGrid Client [2010.05.06 16:33:38 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\SoftGrid Client [2010.05.06 16:32:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client [2010.05.06 16:32:22 | 000,000,000 | ---D | C] -- C:\Users\nici8880\AppData\Roaming\TP [2010.05.04 11:43:59 | 000,101,888 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxcwiad.dll [2010.05.03 13:13:35 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll [2010.05.03 13:00:47 | 000,086,528 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBCEE.DLL [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.06.02 10:53:12 | 008,126,464 | ---- | M] () -- C:\Users\nici8880\ntuser.dat [2010.06.02 10:28:28 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010.06.02 10:28:28 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010.06.02 10:12:22 | 005,082,883 | ---- | M] () -- C:\Users\nici8880\Desktop\FoxitReader331_enu.zip [2010.06.02 08:55:11 | 000,884,736 | ---- | M] () -- C:\Windows\gmer.dll [2010.06.02 08:55:11 | 000,085,969 | ---- | M] (GMER) -- C:\Windows\SysWow64\drivers\gmer.sys [2010.06.02 08:55:11 | 000,000,080 | ---- | M] () -- C:\Windows\gmer_uninstall.cmd [2010.06.02 08:55:06 | 000,811,008 | ---- | M] () -- C:\Windows\gmer.exe [2010.06.02 08:47:30 | 000,001,762 | ---- | M] () -- C:\Users\nici8880\Desktop\SUPERAntiSpyware Free Edition.lnk [2010.06.02 08:33:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.06.02 08:32:14 | 000,001,356 | ---- | M] () -- C:\Users\nici8880\AppData\Local\d3d9caps.dat [2010.06.02 08:28:40 | 000,035,180 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010.06.02 08:28:40 | 000,035,180 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010.06.02 08:28:30 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.06.01 23:44:52 | 000,524,288 | -HS- | M] () -- C:\Users\nici8880\ntuser.dat{3f7c4b8c-67c0-11df-89ea-00248ca96ef0}.TMContainer00000000000000000001.regtrans-ms [2010.06.01 23:44:52 | 000,065,536 | -HS- | M] () -- C:\Users\nici8880\ntuser.dat{3f7c4b8c-67c0-11df-89ea-00248ca96ef0}.TM.blf [2010.06.01 23:44:35 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2010.06.01 23:44:17 | 003,134,957 | -H-- | M] () -- C:\Users\nici8880\AppData\Local\IconCache.db [2010.06.01 23:32:29 | 000,624,640 | ---- | M] (Jan Kolarik & Ondrej Vaverka) -- C:\Windows\Müller® Buttermilch.scr [2010.06.01 23:32:29 | 000,000,743 | ---- | M] () -- C:\Windows\Müller® Buttermilch.c1 [2010.06.01 09:05:15 | 000,000,000 | ---- | M] () -- C:\Autoexec.bat [2010.05.31 18:07:13 | 002,364,321 | ---- | M] () -- C:\Users\nici8880\Documents\Foto030.jpg [2010.05.31 18:06:08 | 002,342,587 | ---- | M] () -- C:\Users\nici8880\Documents\Foto032.jpg [2010.05.29 08:55:52 | 000,000,130 | ---- | M] () -- C:\Users\nici8880\Desktop\Defjayradio.pls [2010.05.26 19:51:49 | 000,000,812 | ---- | M] () -- C:\Users\nici8880\Desktop\K-Meleon.lnk [2010.05.26 12:11:08 | 000,525,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2010.05.26 10:54:35 | 000,446,636 | ---- | M] () -- C:\Users\nici8880\Documents\Foto028.jpg [2010.05.26 08:30:46 | 000,024,064 | ---- | M] (Gerhard Schlager) -- C:\Windows\SysWow64\ctfmon.exe [2010.05.25 22:05:07 | 001,428,202 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.05.25 22:05:07 | 000,621,264 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.05.25 22:05:07 | 000,590,040 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.05.25 22:05:07 | 000,124,036 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.05.25 22:05:07 | 000,102,452 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.05.25 21:13:45 | 000,524,288 | -HS- | M] () -- C:\Users\nici8880\ntuser.dat{3f7c4b8c-67c0-11df-89ea-00248ca96ef0}.TMContainer00000000000000000002.regtrans-ms [2010.05.25 14:28:32 | 000,149,773 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat [2010.05.25 14:28:32 | 000,106,765 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat [2010.05.25 14:17:02 | 000,353,296 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys [2010.05.25 11:56:15 | 000,524,288 | -HS- | M] () -- C:\Users\nici8880\ntuser.dat{e89cff25-3a91-11df-bf04-00248ca96ef0}.TMContainer00000000000000000001.regtrans-ms [2010.05.25 11:56:15 | 000,065,536 | -HS- | M] () -- C:\Users\nici8880\ntuser.dat{e89cff25-3a91-11df-bf04-00248ca96ef0}.TM.blf [2010.05.25 11:00:40 | 000,394,868 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2010.05.25 09:00:30 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2010.05.25 09:00:30 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2010.05.25 09:00:30 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2010.05.25 09:00:30 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2010.05.23 21:45:09 | 000,009,728 | ---- | M] () -- C:\Users\nici8880\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.05.22 16:44:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2010.05.22 12:07:32 | 000,000,206 | ---- | M] () -- C:\Windows\win.ini [2010.05.22 11:15:01 | 000,033,920 | ---- | M] () -- C:\Windows\SysWow64\drivers\fsbts.sys [2010.05.22 11:03:17 | 001,466,430 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.05.22 08:13:25 | 001,580,576 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tdrpm140.sys [2010.05.22 08:13:19 | 000,880,160 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys [2010.05.22 08:13:15 | 000,237,600 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\snman380.sys [2010.05.21 10:08:58 | 000,001,744 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.05.21 09:57:14 | 003,698,937 | ---- | M] () -- C:\Users\nici8880\Desktop\Firefox 3.6.3 (de) - 2010-05-21.pcv [2010.05.21 09:49:07 | 000,031,242 | ---- | M] () -- C:\Users\nici8880\Desktop\bookmarks-2010-05-21.json [2010.05.19 18:59:34 | 000,001,886 | ---- | M] () -- C:\Users\Public\Desktop\IncrediMail.lnk [2010.05.19 11:20:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\regsvr32-vssui.dll [2010.05.19 11:20:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\regsvr32-vss_ps.dll [2010.05.19 11:20:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\regsvr32-stdprov.dll [2010.05.19 11:20:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\regsvr32-es.dll [2010.05.19 11:20:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\regsvr32 [2010.05.19 11:20:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\Net [2010.05.19 11:20:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\egsvr32 [2010.05.19 10:56:23 | 001,002,408 | ---- | M] () -- C:\Users\nici8880\Documents\NICI8880-PC_right.html [2010.05.19 10:56:22 | 000,203,805 | ---- | M] () -- C:\Users\nici8880\Documents\NICI8880-PC_left.html [2010.05.19 10:56:22 | 000,000,829 | ---- | M] () -- C:\Users\nici8880\Documents\NICI8880-PC.html [2010.05.19 09:58:26 | 010,222,080 | ---- | M] (Foxit Corporation) -- C:\Users\nici8880\Desktop\Foxit Reader.exe [2010.05.18 15:22:18 | 024,215,959 | ---- | M] () -- C:\Windows\REGBK01.ZIP [2010.05.18 15:08:41 | 000,354,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll [2010.05.16 22:48:39 | 000,000,129 | ---- | M] () -- C:\Windows\wininit.ini [2010.05.15 23:51:45 | 000,000,790 | ---- | M] () -- C:\Users\nici8880\Desktop\make-euros.net paid4surf.lnk [2010.05.15 22:05:00 | 000,000,806 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.msn [2010.05.15 22:05:00 | 000,000,806 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100518-164201.backup [2010.05.15 16:34:30 | 000,083,488 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tifsfilt.sys [2010.05.14 17:52:44 | 000,000,963 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk [2010.05.13 08:47:54 | 000,087,104 | ---- | M] () -- C:\Users\nici8880\AppData\Local\GDIPFONTCACHEV1.DAT [2010.05.13 08:47:38 | 000,336,368 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.05.12 21:35:12 | 000,000,763 | ---- | M] () -- C:\Users\nici8880\Desktop\RegCleaner.lnk [2010.05.12 19:47:29 | 000,017,920 | ---- | M] () -- C:\Windows\WebFerretUninstall.exe [2010.05.12 12:57:27 | 000,000,068 | ---- | M] () -- C:\Users\nici8880\Desktop\radiofips.pls [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.06.02 10:12:16 | 005,082,883 | ---- | C] () -- C:\Users\nici8880\Desktop\FoxitReader331_enu.zip [2010.06.02 08:55:11 | 000,884,736 | ---- | C] () -- C:\Windows\gmer.dll [2010.06.02 08:55:11 | 000,811,008 | ---- | C] () -- C:\Windows\gmer.exe [2010.06.02 08:55:11 | 000,000,080 | ---- | C] () -- C:\Windows\gmer_uninstall.cmd [2010.06.02 08:47:30 | 000,001,762 | ---- | C] () -- C:\Users\nici8880\Desktop\SUPERAntiSpyware Free Edition.lnk [2010.06.01 23:31:43 | 000,588,987 | ---- | C] () -- C:\Windows\Müller® Buttermilch.swf [2010.06.01 23:31:43 | 000,480,056 | ---- | C] () -- C:\Windows\Müller® Buttermilch.bmp [2010.06.01 23:31:43 | 000,002,166 | ---- | C] () -- C:\Windows\Müller® Buttermilch.ico [2010.06.01 23:31:43 | 000,000,774 | ---- | C] () -- C:\Windows\Müller® Buttermilch.c3 [2010.06.01 23:31:43 | 000,000,743 | ---- | C] () -- C:\Windows\Müller® Buttermilch.c1 [2010.06.01 23:31:43 | 000,000,639 | ---- | C] () -- C:\Windows\Müller® Buttermilch.c4 [2010.06.01 23:31:43 | 000,000,000 | ---- | C] () -- C:\Windows\Müller® Buttermilch.ini [2010.06.01 09:05:15 | 000,000,000 | ---- | C] () -- C:\Autoexec.bat [2010.05.31 18:06:34 | 002,364,321 | ---- | C] () -- C:\Users\nici8880\Documents\Foto030.jpg [2010.05.31 17:40:51 | 002,342,587 | ---- | C] () -- C:\Users\nici8880\Documents\Foto032.jpg [2010.05.29 08:55:50 | 000,000,130 | ---- | C] () -- C:\Users\nici8880\Desktop\Defjayradio.pls [2010.05.26 19:51:49 | 000,000,812 | ---- | C] () -- C:\Users\nici8880\Desktop\K-Meleon.lnk [2010.05.26 10:52:59 | 000,446,636 | ---- | C] () -- C:\Users\nici8880\Documents\Foto028.jpg [2010.05.25 14:20:32 | 000,149,773 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat [2010.05.25 14:20:32 | 000,106,765 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat [2010.05.25 12:00:37 | 000,524,288 | -HS- | C] () -- C:\Users\nici8880\ntuser.dat{3f7c4b8c-67c0-11df-89ea-00248ca96ef0}.TMContainer00000000000000000002.regtrans-ms [2010.05.25 12:00:37 | 000,524,288 | -HS- | C] () -- C:\Users\nici8880\ntuser.dat{3f7c4b8c-67c0-11df-89ea-00248ca96ef0}.TMContainer00000000000000000001.regtrans-ms [2010.05.25 12:00:36 | 000,065,536 | -HS- | C] () -- C:\Users\nici8880\ntuser.dat{3f7c4b8c-67c0-11df-89ea-00248ca96ef0}.TM.blf [2010.05.22 12:13:01 | 000,368,872 | ---- | C] () -- C:\Users\nici8880\AppData\Local\dd_vcredistMSI70ED.txt [2010.05.22 12:12:52 | 000,018,846 | ---- | C] () -- C:\Users\nici8880\AppData\Local\dd_vcredistUI70ED.txt [2010.05.22 11:14:51 | 000,033,920 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys [2010.05.21 10:08:58 | 000,001,744 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.05.21 09:56:56 | 003,698,937 | ---- | C] () -- C:\Users\nici8880\Desktop\Firefox 3.6.3 (de) - 2010-05-21.pcv [2010.05.21 09:49:07 | 000,031,242 | ---- | C] () -- C:\Users\nici8880\Desktop\bookmarks-2010-05-21.json [2010.05.20 07:33:06 | 000,371,302 | ---- | C] () -- C:\Users\nici8880\AppData\Local\dd_vcredistMSI7E7B.txt [2010.05.20 07:33:02 | 000,040,606 | ---- | C] () -- C:\Users\nici8880\AppData\Local\dd_vcredistUI7E7B.txt [2010.05.19 11:20:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\regsvr32-vssui.dll [2010.05.19 11:20:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\regsvr32-vss_ps.dll [2010.05.19 11:20:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\regsvr32-stdprov.dll [2010.05.19 11:20:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\regsvr32-es.dll [2010.05.19 11:20:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\regsvr32 [2010.05.19 11:20:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\Net [2010.05.19 11:20:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\egsvr32 [2010.05.19 10:56:23 | 001,002,408 | ---- | C] () -- C:\Users\nici8880\Documents\NICI8880-PC_right.html [2010.05.19 10:56:22 | 000,203,805 | ---- | C] () -- C:\Users\nici8880\Documents\NICI8880-PC_left.html [2010.05.19 10:56:22 | 000,000,829 | ---- | C] () -- C:\Users\nici8880\Documents\NICI8880-PC.html [2010.05.18 15:20:22 | 024,215,959 | ---- | C] () -- C:\Windows\REGBK01.ZIP [2010.05.16 12:30:52 | 000,369,972 | ---- | C] () -- C:\Users\nici8880\AppData\Local\dd_vcredistMSI2920.txt [2010.05.16 12:29:51 | 000,732,428 | ---- | C] () -- C:\Users\nici8880\AppData\Local\dd_vcredistUI2920.txt [2010.05.15 23:51:45 | 000,000,790 | ---- | C] () -- C:\Users\nici8880\Desktop\make-euros.net paid4surf.lnk [2010.05.12 21:35:12 | 000,000,763 | ---- | C] () -- C:\Users\nici8880\Desktop\RegCleaner.lnk [2010.05.12 19:57:58 | 000,001,904 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IncrediMail.lnk [2010.05.12 19:57:58 | 000,001,647 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ICQ7.1.lnk [2010.05.12 12:57:26 | 000,000,068 | ---- | C] () -- C:\Users\nici8880\Desktop\radiofips.pls [2010.05.06 16:33:16 | 001,466,430 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.05.04 10:28:09 | 000,369,778 | ---- | C] () -- C:\Users\nici8880\AppData\Local\dd_vcredistMSI225F.txt [2010.05.04 10:28:08 | 000,024,034 | ---- | C] () -- C:\Users\nici8880\AppData\Local\dd_vcredistUI225F.txt [2010.05.03 21:50:42 | 000,001,886 | ---- | C] () -- C:\Users\Public\Desktop\IncrediMail.lnk [2010.04.29 10:58:19 | 000,135,936 | ---- | C] () -- C:\Windows\SysWow64\ZIPDLL.DLL [2010.04.29 10:58:19 | 000,130,816 | ---- | C] () -- C:\Windows\SysWow64\UNZDLL.DLL [2010.04.18 10:59:46 | 000,000,111 | ---- | C] () -- C:\Windows\installation.ini [2010.04.13 11:31:21 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\NetFerret.dll [2010.03.06 13:54:54 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2010.02.26 23:20:58 | 000,000,017 | ---- | C] () -- C:\Windows\gd.ini [2010.02.15 23:16:23 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2010.02.15 23:00:56 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX8400DEFGIPS.ini [2010.01.27 21:55:27 | 000,000,054 | ---- | C] () -- C:\Windows\Player.INI [2010.01.19 01:44:43 | 000,000,077 | ---- | C] () -- C:\Windows\nwplayer.ini [2010.01.07 01:46:14 | 000,000,622 | ---- | C] () -- C:\Windows\DMN.INI [2009.12.11 02:21:00 | 000,000,106 | ---- | C] () -- C:\Windows\Podcasts.INI [2009.12.03 13:25:02 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009.12.03 13:23:26 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.12.02 01:47:02 | 000,000,129 | ---- | C] () -- C:\Windows\wininit.ini [2009.11.26 23:31:41 | 000,001,120 | ---- | C] () -- C:\Windows\_delis32.ini [2009.11.07 10:54:01 | 000,000,870 | ---- | C] () -- C:\Windows\disney.ini [2009.11.07 10:52:58 | 000,000,025 | ---- | C] () -- C:\Windows\Dgs_32.dll [2009.05.19 06:10:11 | 000,354,816 | ---- | C] () -- C:\Windows\SysWow64\pythoncom26.dll [2009.05.19 06:10:11 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\pywintypes26.dll [2009.03.02 12:33:32 | 000,067,584 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2009.03.02 12:33:32 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest [2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2007.10.08 17:46:14 | 000,851,968 | ---- | C] () -- C:\Windows\SysWow64\Dll_Volume_Ctrl.dll [2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2006.05.19 10:39:58 | 000,015,497 | ---- | C] () -- C:\Windows\spc1030.ini [1999.11.11 03:39:00 | 000,481,792 | ---- | C] () -- C:\Windows\SysWow64\RFFTW2dll.dll [1999.01.27 14:39:06 | 000,065,024 | ---- | C] () -- C:\Windows\SysWow64\indounin.dll [1997.06.13 08:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\Iyvu9_32.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 164 bytes -> C:\ProgramData\Temp:DFC5A2B2 @Alternate Data Stream - 157 bytes -> C:\ProgramData\Temp:1CE11B51 @Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:513A4CFC @Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:A8ADE5D8 < End of report >
__________________ |
|
02.06.2010, 10:00
| #18 | |
| | Mein Pc wird immer langsamer und hat Internet ProblemeZitat:
GMER Logfile: Code:
ATTFilter GMER 1.0.14.14536 - hxxp://www.gmer.net
Rootkit scan 2010-06-02 10:59:47
Windows 6.0.6002 Service Pack 2
---- Registry - GMER 1.0.14 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0009dd60091b
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0009dd60091b@002567e15c8c 0xCD 0x56 0xB4 0x0C ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0009dd60091b
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0009dd60091b@002567e15c8c 0xCD 0x56 0xB4 0x0C ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0009dd60091b
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0009dd60091b@002567e15c8c 0xCD 0x56 0xB4 0x0C ...
---- Files - GMER 1.0.14 ----
File C:\Users\nici8880\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\61HQEUUR\adneti-i[1].php 675 bytes
File C:\Users\nici8880\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\61HQEUUR\adneti-i[2].php 0 bytes
File C:\Users\nici8880\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6ULUMMJ1\23[1].html 1374 bytes
File C:\Users\nici8880\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I1A95U1Z\37[1].html 1373 bytes
File C:\Users\nici8880\AppData\Local\Mozilla\Firefox\Profiles\hsb5ds28.default\Cache\598A2CE0d01 37295 bytes
File C:\Users\nici8880\AppData\Local\Mozilla\Firefox\Profiles\hsb5ds28.default\Cache\803DE31Cd01 33115 bytes
File C:\Users\nici8880\AppData\Local\Mozilla\Firefox\Profiles\hsb5ds28.default\Cache\2C3B3396d01 208377 bytes
File C:\Users\nici8880\AppData\Local\Mozilla\Firefox\Profiles\hsb5ds28.default\Cache\69093AB5d01 58539 bytes
File C:\Users\nici8880\AppData\Local\Mozilla\Firefox\Profiles\hsb5ds28.default\Cache\0E52D919d01 114336 bytes
File C:\Users\nici8880\AppData\Local\Mozilla\Firefox\Profiles\hsb5ds28.default\Cache\0EBEA66Cd01 272952 bytes
File C:\Users\nici8880\AppData\Local\Mozilla\Firefox\Profiles\hsb5ds28.default\Cache\10FF6567d01 145683 bytes
File C:\Users\nici8880\AppData\Local\Temp\hsperfdata_nici8880\3908 65536 bytes
File C:\Users\nici8880\AppData\Roaming\Microsoft\Windows\Cookies\nici8880@ad.adnet[1].txt 0 bytes
File C:\Users\nici8880\AppData\Roaming\Microsoft\Windows\Cookies\nici8880@advolution[2].txt 332 bytes
File C:\Users\nici8880\AppData\Roaming\Microsoft\Windows\Cookies\nici8880@scorecardresearch[2].txt 0 bytes
---- EOF - GMER 1.0.14 ----
__________________ |
|
| Themen zu Mein Pc wird immer langsamer und hat Internet Probleme |
| avg, bho, computer, explorer, firefox, helper, hijack, hijackthis, icq, internet, internet explorer, internet problem, kaspersky, logfile, malwarebytes' anti-malware, microsoft, mozilla, plug-in, problem, rundll, safer networking, security, senden, skype.exe, software, tastatur, vista, windows, wmp |
Linear-Darstellung
