TR/Kazy.mekml.1 ... SOS

ESV_Ritch · 28.04.2011, 13:28

OTL.txtOTL Logfile:

Code:

ATTFilter

OTL logfile created on: 28.04.2011 14:22:42 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = F:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 86,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 96,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 142,69 Gb Total Space | 37,25 Gb Free Space | 26,11% Space Free | Partition Type: NTFS
Drive D: | 137,70 Gb Total Space | 106,98 Gb Free Space | 77,69% Space Free | Partition Type: NTFS
Drive F: | 7,46 Gb Total Space | 7,30 Gb Free Space | 97,91% Space Free | Partition Type: FAT32
 
Computer Name: LAPTOP | User Name: Pam & Franky | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - F:\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - F:\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe ()
SRV - (RS_Service) -- C:\Programme\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (WSVD) -- C:\Windows\System32\drivers\WSVD.sys (CyberLink)
DRV - (L1E) -- C:\Windows\System32\drivers\L1E60x86.sys (Atheros Communications, Inc.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (NTIPPKernel) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys (Cyberlink Corp.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (winbondcir) -- C:\Windows\System32\drivers\winbondcir.sys (Winbond Electronics Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0309&m=aspire_6930g
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0309&m=aspire_6930g
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3402982626-4064858815-2228441422-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0309&m=aspire_6930g
IE - HKU\S-1-5-21-3402982626-4064858815-2228441422-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-3402982626-4064858815-2228441422-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3402982626-4064858815-2228441422-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKU\S-1-5-21-3402982626-4064858815-2228441422-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3402982626-4064858815-2228441422-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3402982626-4064858815-2228441422-1000\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-3402982626-4064858815-2228441422-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKU\S-1-5-21-3402982626-4064858815-2228441422-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-3402982626-4064858815-2228441422-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Ad-Watch] C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3402982626-4064858815-2228441422-1000..\Run: [EA Core]  File not found
O4 - HKU\S-1-5-21-3402982626-4064858815-2228441422-1000..\Run: [scIeDgaoTLYN] C:\ProgramData\scIeDgaoTLYN.exe (WinTrust)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Pam & Franky\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} hxxp://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab (Reg Error: Key error.)
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} hxxp://www.lidl-fotos.de/ips-opdata/layout/lidl02/objects/jordan-canvasx.cab (JordanUploader Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} hxxp://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} hxxp://www.lokalisten.de/iup/ImageUploader4.cab (Image Uploader Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Pam & Franky\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Pam & Franky\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.28 08:15:03 | 000,000,000 | ---D | C] -- C:\Users\Pam & Franky\AppData\Local\{D9F4A69C-4782-4681-B227-3A0E837DF2F6}
[2011.04.27 20:08:57 | 000,000,000 | ---D | C] -- C:\Users\Pam & Franky\AppData\Local\{B1D4918B-5D39-42E2-A3E2-35F5369AD44F}
[2011.04.27 19:05:52 | 000,000,000 | ---D | C] -- C:\Users\Pam & Franky\AppData\Roaming\Avira
[2011.04.27 15:50:11 | 000,573,440 | -H-- | C] (WinTrust) -- C:\ProgramData\scIeDgaoTLYN.exe
[2011.04.27 07:46:10 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011.04.27 07:46:10 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011.04.27 07:45:59 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.04.27 07:38:25 | 000,000,000 | ---D | C] -- C:\Users\Pam & Franky\AppData\Local\{337B6FE6-A64E-4BF1-81FC-4600139AD3CB}
[2011.04.26 06:26:05 | 000,000,000 | ---D | C] -- C:\Users\Pam & Franky\AppData\Local\{E8992A2A-FB9F-433D-A2AE-D22934D2D7E7}
[2011.04.25 08:50:39 | 000,000,000 | ---D | C] -- C:\Users\Pam & Franky\AppData\Local\{E9914411-6E4B-488E-BA4F-9DEFA887FB6A}
[2011.04.24 07:52:25 | 000,000,000 | ---D | C] -- C:\Users\Pam & Franky\AppData\Local\{14F73BE9-3F6B-43B4-AC60-04D0E0CF1527}
[2011.04.23 23:07:40 | 000,000,000 | ---D | C] -- C:\Users\Pam & Franky\AppData\Local\{467683BA-074B-4368-9F84-2B9EEFE784BE}
[2011.04.22 19:04:39 | 000,000,000 | ---D | C] -- C:\Users\Pam & Franky\AppData\Local\{0DC70F64-D1AF-4B2E-A992-2695E2DDC73B}
[2011.04.18 08:13:37 | 000,000,000 | ---D | C] -- C:\Users\Pam & Franky\AppData\Local\{83341F59-CD02-4E4C-9BA3-C4DE64299E89}
[2011.04.17 10:55:31 | 000,000,000 | ---D | C] -- C:\Users\Pam & Franky\AppData\Local\{A184B2D0-2C21-4BE8-BF1A-105EB782799F}
[2011.04.16 14:38:22 | 000,000,000 | ---D | C] -- C:\Users\Pam & Franky\AppData\Local\{104E7787-9B4B-4377-83C5-8259A9D80F99}
[2011.04.16 14:30:00 | 000,000,000 | ---D | C] -- C:\Users\Pam & Franky\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.14 03:53:56 | 000,000,000 | ---D | C] -- C:\Users\Pam & Franky\AppData\Local\{461CA614-0635-405D-805E-E3D7E75BB85A}
[2011.04.13 13:28:06 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.13 13:28:05 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.13 13:28:00 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.13 13:28:00 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.04.13 13:28:00 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.13 13:28:00 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.13 13:28:00 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.13 13:28:00 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.13 13:28:00 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.13 13:28:00 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.13 13:27:59 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.13 13:27:59 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.13 13:27:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.13 13:27:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.13 13:27:59 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.13 13:27:59 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.13 13:27:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.13 13:27:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.13 13:27:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.13 13:27:55 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.13 13:27:54 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.13 13:27:51 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.13 13:27:50 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.13 13:27:48 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.13 13:27:48 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.04 17:54:39 | 000,000,000 | ---D | C] -- C:\Users\Pam & Franky\Desktop\HERAKLES
[2008.07.22 10:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.28 14:22:03 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2011.04.28 14:18:22 | 000,002,299 | ---- | M] () -- C:\Users\Pam & Franky\AppData\Roaming\acervcmtmp.ini
[2011.04.28 14:18:06 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011.04.28 14:18:01 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.28 14:17:48 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.28 14:17:47 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.28 13:56:42 | 000,627,756 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.28 13:56:42 | 000,595,386 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.28 13:56:42 | 000,125,870 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.28 13:56:42 | 000,103,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.28 13:48:01 | 000,491,520 | ---- | M] () -- C:\ProgramData\40886024.exe
[2011.04.28 13:17:44 | 350,977,287 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.04.28 11:49:02 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.27 15:50:11 | 000,573,440 | -H-- | M] (WinTrust) -- C:\ProgramData\scIeDgaoTLYN.exe
[2011.04.27 15:34:44 | 000,028,504 | -H-- | M] () -- C:\ProgramData\nvModes.001
[2011.04.24 08:13:50 | 000,028,504 | -H-- | M] () -- C:\ProgramData\nvModes.dat
[2011.04.16 14:29:57 | 000,001,036 | ---- | M] () -- C:\Users\Pam & Franky\Desktop\DVDVideoSoft Free Studio.lnk
[2011.04.16 14:29:48 | 000,001,195 | ---- | M] () -- C:\Users\Pam & Franky\Desktop\Free YouTube to MP3 Converter.lnk
[2011.04.14 03:51:27 | 000,410,760 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.11 21:06:57 | 000,012,431 | ---- | M] () -- C:\Users\Pam & Franky\Desktop\FAHRKARTE FREDO#.pdf
[2011.04.11 18:10:17 | 000,066,076 | ---- | M] () -- C:\Users\Pam & Franky\Desktop\VfR_Termine_F1_April_bis_Juni_2011.pdf
[2011.04.04 11:31:05 | 000,000,474 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011.03.31 16:12:37 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
 
========== Files Created - No Company Name ==========
 
[2011.04.28 13:47:57 | 000,491,520 | ---- | C] () -- C:\ProgramData\40886024.exe
[2011.04.16 14:29:48 | 000,001,195 | ---- | C] () -- C:\Users\Pam & Franky\Desktop\Free YouTube to MP3 Converter.lnk
[2011.04.11 21:06:56 | 000,012,431 | ---- | C] () -- C:\Users\Pam & Franky\Desktop\FAHRKARTE FREDO#.pdf
[2011.04.11 18:10:15 | 000,066,076 | ---- | C] () -- C:\Users\Pam & Franky\Desktop\VfR_Termine_F1_April_bis_Juni_2011.pdf
[2010.11.02 19:02:50 | 000,000,701 | ---- | C] () -- C:\Windows\wiso.ini
[2010.05.19 21:51:07 | 000,000,680 | ---- | C] () -- C:\Users\Pam & Franky\AppData\Local\d3d9caps.dat
[2010.02.19 11:43:03 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.02.15 14:59:03 | 000,002,299 | ---- | C] () -- C:\Users\Pam & Franky\AppData\Roaming\acervcmtmp.ini
[2009.10.20 21:39:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.10.20 21:39:20 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.08.01 11:48:28 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2009.05.20 20:39:51 | 000,453,188 | ---- | C] () -- C:\Users\Pam & Franky\AppData\Roaming\mdbu.bin
[2009.04.10 21:48:27 | 000,061,440 | ---- | C] () -- C:\Users\Pam & Franky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.09 18:43:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.04.09 11:47:16 | 000,015,688 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2009.04.09 09:29:30 | 000,028,504 | -H-- | C] () -- C:\ProgramData\nvModes.001
[2009.04.09 09:29:23 | 000,028,504 | -H-- | C] () -- C:\ProgramData\nvModes.dat
[2009.04.04 21:07:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.07.30 12:19:21 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.07.30 04:13:17 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.07.30 04:13:17 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.07.30 03:47:56 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2008.07.30 03:42:04 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.07.30 03:25:14 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008.07.30 03:25:14 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2008.07.30 03:25:14 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2008.07.30 03:25:14 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2008.01.21 09:15:58 | 000,627,756 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,125,870 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,410,760 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,386 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,460 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
========== LOP Check ==========
 
[2008.07.30 04:10:28 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2008.07.30 04:10:28 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2009.04.09 11:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pam & Franky\AppData\Roaming\Acer
[2008.07.30 04:10:28 | 000,000,000 | ---D | M] -- C:\Users\Pam & Franky\AppData\Roaming\Acer GameZone Console
[2011.03.23 18:52:48 | 000,000,000 | ---D | M] -- C:\Users\Pam & Franky\AppData\Roaming\AnvSoft
[2010.11.02 19:00:45 | 000,000,000 | ---D | M] -- C:\Users\Pam & Franky\AppData\Roaming\Buhl Data Service
[2009.06.13 20:09:06 | 000,000,000 | ---D | M] -- C:\Users\Pam & Franky\AppData\Roaming\Canneverbe_Limited
[2011.04.16 14:30:00 | 000,000,000 | ---D | M] -- C:\Users\Pam & Franky\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.05.03 13:45:55 | 000,000,000 | ---D | M] -- C:\Users\Pam & Franky\AppData\Roaming\Facebook
[2009.04.10 21:17:45 | 000,000,000 | ---D | M] -- C:\Users\Pam & Franky\AppData\Roaming\IrfanView
[2009.06.26 21:11:46 | 000,000,000 | ---D | M] -- C:\Users\Pam & Franky\AppData\Roaming\SCHLECKERFotobuch
[2009.05.17 22:42:36 | 000,000,000 | ---D | M] -- C:\Users\Pam & Franky\AppData\Roaming\uTorrent
[2011.04.04 11:31:05 | 000,000,474 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011.04.28 13:48:22 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:C95B63DA

< End of report >

--- --- ---

TR/Kazy.mekml.1 ... SOS

Plagegeister aller Art und deren Bekämpfung: TR/Kazy.mekml.1 ... SOS

TR/Kazy.mekml.1 ... SOS

Ähnliche Themen: TR/Kazy.mekml.1 ... SOS