ich habe keine Kontrolle mehr über meinen Rechner

fanta7 · 06.03.2011, 13:54

Hallo. Gerne würde ich mein Problem näher beschreiben, aber es sieht so aus als hätte ich keine Rechte mehr an meinem Computer. Ich kann nicht einmal den Task Manager öffnen. Ich wollte das Programm Malwarebytes starten: nicht passiert.

Unten rechts poppt die ganze Zeit eine Nachricht auf, dass mein Computer infiziert sei.

Ich soll eine Antivirensoftware installieren, nennt sich "System Tool". Es werden 38 Infizierte Dateien gemeldet. Das Program "System Tool" ist erst seit der Infizierung auf dem Computer..

Bitte helft mir!

jetzt hat sich mein Laptop aufgehangen: Bluescreen mit der Meldung, dass Windows (XP) runterfährt, um vor unerlaubtem Zugriff auf NTFS.SYS zu schützen

ich habe jetzt Malwarebytes nach Anleitung ausgeführt. Hier ist das Ergebnis:

Zitat:

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes

Versión de la Base de Datos: 5973

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

06.03.2011 14:42:00
mbam-log-2011-03-06 (14-42-00).txt

Tipos de Análisis: Análisis Completo (C:\|D:\|)
Objetos examinados: 260264
Tiempo transcurrido: 1 hora(s), 0 minuto(s), 20 segundo(s)

Procesos en Memoria Infectados: 0
Módulos de Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 0
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Archivos Infectados: 8

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos de Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)

Valores del Registro Infectados:
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Archivos Infectados:
c:\documents and settings\enrique_madrid\mis documentos\downloads\aircrack-ng-0.9.3-win\bin\aircrack-ng gui.exe (PUP.Aircrack) -> Quarantined and deleted successfully.
c:\documents and settings\enrique_madrid\mis documentos\downloads\aircrack-ng-0.9.3-win\bin\aircrack-ng.exe (PUP.Aircrack) -> Quarantined and deleted successfully.
c:\documents and settings\enrique_madrid\mis documentos\downloads\aircrack-ng-0.9.3-win\bin\airdecap-ng.exe (PUP.Aircrack) -> Quarantined and deleted successfully.
c:\documents and settings\enrique_madrid\mis documentos\downloads\aircrack-ng-0.9.3-win\bin\aireplay-ng.exe (PUP.AirCrack) -> Quarantined and deleted successfully.
c:\documents and settings\enrique_madrid\mis documentos\downloads\aircrack-ng-0.9.3-win\bin\airodump-ng-airpcap.exe (PUP.AirCrack) -> Quarantined and deleted successfully.
c:\documents and settings\enrique_madrid\mis documentos\downloads\aircrack-ng-0.9.3-win\bin\airodump-ng.exe (PUP.AirCrack) -> Quarantined and deleted successfully.
c:\documents and settings\enrique_madrid\mis documentos\downloads\aircrack-ng-0.9.3-win\bin\ivstools.exe (PUP.Aircrack) -> Quarantined and deleted successfully.
c:\documents and settings\enrique_madrid\mis documentos\downloads\aircrack-ng-0.9.3-win\bin\packetforge-ng.exe (PUP.Aircrack) -> Quarantined and deleted successfully.

OTL Report, als nächstes muss ich die HOST-Dateien wie in der Anleitung fixen. Ist das richtig?

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 06.03.2011 15:45:14 - Run 1
OTL by OldTimer - Version 3.2.22.2     Folder = D:\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Alemania | Language: DEU | Date Format: dd.MM.yyyy
 
1.014,00 Mb Total Physical Memory | 426,00 Mb Available Physical Memory | 42,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 2024 4300 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Archivos de programa
Drive C: | 34,18 Gb Total Space | 18,70 Gb Free Space | 54,70% Space Free | Partition Type: NTFS
Drive D: | 40,34 Gb Total Space | 35,21 Gb Free Space | 87,28% Space Free | Partition Type: NTFS
 
Computer Name: ENRIQUE | User Name: enrique_madrid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - D:\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Archivos de programa\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Archivos de programa\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Archivos de programa\Nitro PDF\Reader\NitroPDFReaderDriverService.exe (Nitro PDF Software)
PRC - C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Archivos de programa\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe (Teleca)
PRC - C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Archivos de programa\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe (Teleca Sweden AB)
PRC - C:\Archivos de programa\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe (TODO: <Company name>)
PRC - C:\Archivos de programa\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe (Teleca AB)
PRC - C:\Archivos de programa\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Archivos de programa\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Archivos de programa\Archivos comunes\Teleca Shared\Generic.exe (Teleca AB)
PRC - C:\Archivos de programa\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
PRC - C:\Archivos de programa\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Archivos de programa\Archivos comunes\LogiShrd\LQCVFX\COCIManager.exe ()
PRC - C:\Archivos de programa\Archivos comunes\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Archivos de programa\Archivos comunes\Teleca Shared\logger.exe (Popwire AB)
PRC - C:\Archivos de programa\Archivos comunes\Teleca Shared\CapabilityManager.exe (Teleca Sweden AB)
PRC - C:\Documents and Settings\enrique_madrid\Configuración local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Archivos de programa\Archivos comunes\LogiShrd\LComMgr\Communications_Helper.exe (Labtec Inc,)
 
 
========== Modules (SafeList) ==========
 
MOD - D:\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Archivos de programa\Alwil Software\Avast5\snxhk.dll (AVAST Software)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (HidServ) --  File not found
SRV - (avast! Antivirus) -- C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (NitroReaderDriverReadSpool) -- C:\Archivos de programa\Nitro PDF\Reader\NitroPDFReaderDriverService.exe (Nitro PDF Software)
SRV - (Apple Mobile Device) -- C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (NMSAccess) -- C:\Archivos de programa\CDBurnerXP\NMSAccessU.exe ()
SRV - (LVPrcSrv) -- C:\Archivos de programa\Archivos comunes\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LVSrvLauncher) -- C:\Archivos de programa\Archivos comunes\LogiShrd\SrvLnch\SrvLnch.exe (Labtec Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUVC) Logitech Webcam 500(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (HTCAND32) -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (s0017mdm) -- C:\WINDOWS\system32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\WINDOWS\system32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\WINDOWS\system32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\WINDOWS\system32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\WINDOWS\system32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\WINDOWS\system32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (LVMVDrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys (Labtec Inc.)
DRV - (LVcKap) -- C:\WINDOWS\system32\drivers\Lvckap.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Toolbar
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "FCB-English Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438972&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google Germany"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.java-forum.org/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.91
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.1
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.1
FF - prefs.js..extensions.enabledItems: dictionary-switcher@design-noir.de:1.0.1
FF - prefs.js..extensions.enabledItems: {64e8cc5b-20db-4212-8320-178fc5ae71f7}:1.1.5
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100119091315
FF - prefs.js..extensions.enabledItems: {9b02a809-a44f-473f-8632-96dfab099b24}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: searchrecs@veoh.com:1.5.2
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438972&q="
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Components: C:\Archivos de programa\Mozilla Firefox 4.0 Beta 6\components [2011.03.06 13:29:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Plugins: C:\Archivos de programa\Mozilla Firefox 4.0 Beta 6\plugins
 
[2009.02.23 20:42:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Extensions
[2011.03.05 01:07:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions
[2010.03.14 09:48:44 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.05.13 09:31:57 | 000,000,000 | ---D | M] (FaceMod Dislike Button) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\{64e8cc5b-20db-4212-8320-178fc5ae71f7}
[2011.03.06 13:29:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2011.01.05 00:59:48 | 000,000,000 | ---D | M] (FCB-English Community Toolbar) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\{9b02a809-a44f-473f-8632-96dfab099b24}
[2010.11.15 13:53:22 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010.11.11 18:47:35 | 000,000,000 | ---D | M] ("BabelFish") -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}
[2010.11.15 13:53:18 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2010.07.22 17:50:11 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010.12.21 01:49:52 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010.12.21 01:49:34 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2010.01.15 21:33:29 | 000,000,000 | ---D | M] (Dictionary Switcher) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\dictionary-switcher@design-noir.de
[2011.01.05 00:59:44 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\engine@conduit.com
[2009.12.29 22:03:30 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\firefox@tvunetworks.com
[2010.04.14 20:58:01 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\personas@christopher.beard
[2010.07.18 22:10:50 | 000,000,000 | ---D | M] (Veoh Video Compass) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\searchrecs@veoh.com
[2011.03.06 13:28:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\extensions\staged
[2011.03.05 09:27:53 | 000,002,105 | ---- | M] () -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\searchplugins\google-germany.xml
[2011.02.27 17:57:12 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\searchplugins\icqplugin-10.xml
[2010.03.25 13:34:55 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\searchplugins\icqplugin-2.xml
[2010.04.01 14:32:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\searchplugins\icqplugin-3.xml
[2010.06.23 23:29:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\searchplugins\icqplugin-4.xml
[2010.06.24 09:22:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\searchplugins\icqplugin-5.xml
[2010.07.22 09:08:03 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\searchplugins\icqplugin-6.xml
[2010.07.26 21:26:00 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\searchplugins\icqplugin-7.xml
[2010.10.04 12:35:41 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\searchplugins\icqplugin-8.xml
[2010.12.13 13:19:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\searchplugins\icqplugin-9.xml
[2010.02.19 13:05:52 | 000,000,955 | ---- | M] () -- C:\Documents and Settings\enrique_madrid\Datos de programa\Mozilla\Firefox\Profiles\ho2qpc8k.default\searchplugins\icqplugin.xml
[2010.12.20 03:10:02 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
[2010.01.28 23:44:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Archivos de programa\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.06.25 22:28:44 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Archivos de programa\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.06.05 17:50:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.12.16 01:54:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- 
[2010.06.05 17:50:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\ARCHIVOS DE PROGRAMA\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.03.05 01:07:07 | 000,000,000 | ---D | M] (No name found) -- C:\ARCHIVOS DE PROGRAMA\MOZILLA FIREFOX 4.0 BETA 6\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ENRIQUE_MADRID\DATOS DE PROGRAMA\MOZILLA\FIREFOX\PROFILES\HO2QPC8K.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2010.03.19 08:11:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2010.11.12 17:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.12 20:03:50 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Archivos de programa\Mozilla Firefox\plugins\npwachk.dll
 
O1 HOSTS File: ([2002.09.24 12:00:00 | 000,000,792 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Archivos de programa\Archivos comunes\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Alcmtr]  File not found
O4 - HKLM..\Run: [avast5] C:\Archivos de programa\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Archivos de programa\Archivos comunes\LogiShrd\LComMgr\Communications_Helper.exe (Labtec Inc,)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Archivos de programa\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Mobile Connectivity Suite] C:\Archivos de programa\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
O4 - HKLM..\Run: [RTHDCPL]  File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Archivos comunes\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Archivos de programa\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [ccleaner] C:\Archivos de programa\CCleaner\CCleaner.exe (Piriform Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Archivos de programa\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Archivos de programa\ICQ7.0\ICQ.exe (ICQ, LLC.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1235329795421 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Archivos comunes\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Archivos de programa\Archivos comunes\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -  File not found
O20 - HKLM Winlogon: UIHost - (logonui.exe) -  File not found
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -  File not found
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll -  File not found
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll -  File not found
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll -  File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll -  File not found
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll -  File not found
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll -  File not found
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll -  File not found
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll -  File not found
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll -  File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll -  File not found
O24 - Desktop Components:0 (Mi página de inicio actual) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\enrique_madrid\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\enrique_madrid\Configuración local\Datos de programa\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) -  File not found
O29 - HKLM SecurityProviders - (schannel.dll) -  File not found
O29 - HKLM SecurityProviders - (digest.dll) -  File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.02.22 16:25:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4734befe-f84f-11de-9c20-001eec45f137}\Shell - "" = AutoRun
O33 - MountPoints2\{4734befe-f84f-11de-9c20-001eec45f137}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{73c662c0-ee4c-11de-9c12-001eec45f137}\Shell - "" = AutoRun
O33 - MountPoints2\{73c662c0-ee4c-11de-9c12-001eec45f137}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{73c662c4-ee4c-11de-9c12-001eec45f137}\Shell - "" = AutoRun
O33 - MountPoints2\{73c662c4-ee4c-11de-9c12-001eec45f137}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{bc359808-f2d3-11de-9c1e-001eec45f137}\Shell - "" = AutoRun
O33 - MountPoints2\{bc359808-f2d3-11de-9c1e-001eec45f137}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ff4ecff8-1a3d-11de-9b94-001eec45f137}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482976101-1677491937-661001330-9999\system.exe
O33 - MountPoints2\{ff4ecff8-1a3d-11de-9b94-001eec45f137}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482976101-1677491937-661001330-9999\system.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.03.06 14:48:12 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\enrique_madrid\Recent
[2011.03.06 13:29:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menú Inicio\Programas\Mozilla Firefox 4.0 Beta 6
[2011.03.06 13:20:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011.03.06 11:07:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Datos de programa\bPoCgCm15409
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.03.06 15:42:03 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011.03.06 15:34:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.06 14:52:14 | 000,607,682 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.03.06 14:52:14 | 000,149,718 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.03.06 14:48:00 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.06 14:47:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.03.06 13:35:59 | 000,001,763 | ---- | M] () -- C:\Documents and Settings\All Users\Escritorio\avast! Free Antivirus.lnk
[2011.03.06 13:35:57 | 000,002,958 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.03.06 13:01:18 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2011.03.06 11:44:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.02.13 16:01:01 | 000,292,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.03.06 13:35:59 | 000,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Escritorio\avast! Free Antivirus.lnk
[2011.03.06 11:43:50 | 001,228,854 | ---- | C] () -- C:\fsqwr.bmp
[2010.06.26 17:21:29 | 000,082,289 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010.04.04 21:41:45 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009.10.06 23:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009.10.06 23:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009.04.01 18:52:26 | 000,250,351 | ---- | C] () -- C:\Documents and Settings\enrique_madrid\Configuración local\Datos de programa\sycki_nav.dat
[2009.04.01 18:52:26 | 000,003,076 | ---- | C] () -- C:\Documents and Settings\enrique_madrid\Configuración local\Datos de programa\sycki.dat
[2009.04.01 18:52:26 | 000,002,826 | ---- | C] () -- C:\Documents and Settings\enrique_madrid\Configuración local\Datos de programa\sycki_navps.dat
[2009.03.30 21:42:16 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.03.14 17:54:48 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\advd.dll
[2009.03.14 17:54:48 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\auth.dll
[2009.03.14 17:33:18 | 000,000,067 | ---- | C] () -- C:\WINDOWS\smrpro.INI
[2009.03.08 20:25:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\enrique_madrid\Datos de programa\AVSMediaPlayer.m3u
[2009.03.08 20:20:23 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.03.08 20:20:23 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.03.06 18:39:41 | 000,016,832 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009.03.05 22:55:31 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\enrique_madrid\Configuración local\Datos de programa\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.24 17:10:07 | 000,554,496 | ---- | C] () -- C:\WINDOWS\System32\dvmsg.dll
[2009.02.23 20:42:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.02.22 19:55:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2009.02.22 19:43:18 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.02.22 17:46:57 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\Desktop_.ini
[2009.02.22 17:28:12 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009.02.22 17:20:09 | 001,174,000 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2009.02.22 17:20:09 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4864.dll
[2009.02.22 17:20:09 | 000,104,636 | ---- | C] () -- C:\WINDOWS\System32\igmedcompkrn.dll
[2009.02.22 16:27:28 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.02.22 16:22:31 | 000,021,900 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009.02.22 15:33:01 | 000,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.02.22 15:31:47 | 000,292,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.03.06 16:50:30 | 001,669,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
[2004.08.02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.07.28 23:19:46 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2002.09.24 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002.09.24 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002.09.24 12:00:00 | 000,607,682 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002.09.24 12:00:00 | 000,372,482 | ---- | C] () -- C:\WINDOWS\System32\perfh00A.dat
[2002.09.24 12:00:00 | 000,317,534 | ---- | C] () -- C:\WINDOWS\System32\perfi00A.dat
[2002.09.24 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002.09.24 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002.09.24 12:00:00 | 000,149,718 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002.09.24 12:00:00 | 000,056,944 | ---- | C] () -- C:\WINDOWS\System32\perfc00A.dat
[2002.09.24 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002.09.24 12:00:00 | 000,036,284 | ---- | C] () -- C:\WINDOWS\System32\perfd00A.dat
[2002.09.24 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002.09.24 12:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002.09.24 12:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002.09.24 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
 
========== LOP Check ==========
 
[2011.01.08 01:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Alwil Software
[2011.03.06 13:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\bPoCgCm15409
[2009.02.22 18:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Broadcom
[2010.04.04 21:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Canneverbe Limited
[2010.05.14 10:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\HTC
[2010.01.28 23:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\ICQ
[2011.01.04 01:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Nitro PDF
[2010.05.14 10:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Teleca
[2009.03.08 20:59:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\Temp
[2010.04.06 17:36:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.11.08 14:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Datos de programa\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010.04.04 21:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\Canneverbe Limited
[2010.03.26 19:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1
[2009.03.14 17:55:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\concept design
[2010.04.04 19:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\eMule
[2009.03.14 17:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\GetRightToGo
[2010.12.25 01:42:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\GHISLER
[2011.01.30 23:57:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\ICQ
[2010.06.05 21:25:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\JavaEditor
[2010.06.26 17:22:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\Leadertech
[2011.01.04 01:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\Nitro PDF
[2010.12.24 23:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\Notepad++
[2010.01.19 21:50:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\OCS
[2011.01.04 01:35:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\OpenCandy
[2010.12.26 01:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\OpenOffice.org
[2010.01.19 21:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\Opera
[2010.04.04 19:34:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\phonostar-Player
[2010.05.16 12:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\Rynga
[2009.02.23 20:18:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\SecondLife
[2009.02.24 17:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\streamripper
[2010.12.24 22:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\TeamViewer
[2010.05.14 11:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\Teleca
[2009.02.24 17:14:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\Tobit
[2010.02.09 18:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\wxMozBrowserLib
[2011.01.08 16:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\X-Chat 2
[2009.03.14 18:11:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\enrique_madrid\Datos de programa\Xi
[2011.03.06 15:42:03 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
 
========== Purity Check ==========
 
 
 
< End of report >

--- --- ---

cosinus · 08.03.2011, 11:12

Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle davon posten. Du findest diese im Reiter Logdateien in Malwarebytes.

Wieso hast du ein spanisches WinXP?

08.03.2011, 11:12	#2
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	ich habe keine Kontrolle mehr über meinen Rechner Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle davon posten. Du findest diese im Reiter Logdateien in Malwarebytes. Wieso hast du ein spanisches WinXP? __________________ __________________

ich habe keine Kontrolle mehr über meinen Rechner

Plagegeister aller Art und deren Bekämpfung: ich habe keine Kontrolle mehr über meinen Rechner

ich habe keine Kontrolle mehr über meinen Rechner

ich habe keine Kontrolle mehr über meinen Rechner

Ähnliche Themen: ich habe keine Kontrolle mehr über meinen Rechner