| |
| |||||||
Log-Analyse und Auswertung: kazy.mekl TrojanerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
06.05.2011, 19:29
| #1 |
 |  kazy.mekl Trojaner Hallo zusammen, hab mir den Kazy.mekl eingefangen,leider nicht die erste Forenregel beachtet und die Schritte unternommen,die einem anderen User empfohlen wurden.Bin, was Computer angeht, leider unbedarft... Ich bitte Euch um Hilfe! Hier mein otl. scan: OTL logfile created on: 23.04.2011 00:27:41 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Public Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 65,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 142,25 Gb Total Space | 51,83 Gb Free Space | 36,44% Space Free | Partition Type: NTFS Drive D: | 6,80 Gb Total Space | 1,70 Gb Free Space | 25,02% Space Free | Partition Type: NTFS Computer Name: PACITUS-PC | User Name: Pacitus | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Public\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Programme\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC) PRC - C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security)) PRC - C:\Programme\Google\Update\1.2.183.39\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Programme\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) PRC - C:\Users\Pacitus\Program Files\DNA\btdna.exe (BitTorrent, Inc.) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conime.exe (Microsoft Corporation) PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Logitech\QuickCam\Quickcam.exe () PRC - C:\Programme\Common Files\LogiShrd\LQCVFX\COCIManager.exe () PRC - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Programme\MSN Messenger\msnmsgr.exe (Microsoft Corporation) PRC - C:\Programme\Napster\napster.exe (Napster) PRC - C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation) PRC - C:\Programme\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) PRC - c:\Programme\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) PRC - c:\Programme\Common Files\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation) PRC - C:\Programme\Cleverlearn\CleverTrainer\CleverTrainer Desktop Tool\CLTDesktopTool.exe (Cleverlearn, Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\Public\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (Symantec Core LC) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (Symantec Corporation) SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.) SRV - (ISPwdSvc) -- c:\Program Files\Norton Internet Security\isPwdSvc.exe (Symantec Corporation) SRV - (comHost) -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (Symantec Corporation) SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation) SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation) SRV - (CLTNetCnService) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (ccSetMgr) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (ccEvtMgr) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation) SRV - (SymAppCore) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (Symantec Corporation) ========== Driver Services (SafeList) ========== DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (LVUVC) Logitech QuickCam E3500(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.) DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.) DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.) DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys () DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.) DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation) DRV - (HdAudAddService) -- C:\Windows\System32\drivers\CHDART.sys (Conexant Systems Inc.) DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070430.018\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070430.018\NAVENG.SYS (Symantec Corporation) DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation ) DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.) DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation) DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation) DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation) DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation) DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation) DRV - (SPBBCDrv) -- C:\Programme\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation) DRV - (IDSvix86) -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20070108.003\IDSvix86.sys (Symantec Corporation) DRV - (eabfiltr) -- C:\Windows\System32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.) DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation) DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=73&bd=Pavilion&pf=laptop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search-results.com?o=41648036&l=dis IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Search-Results) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Search-Results" FF - prefs.js..browser.search.defaultenginename: "Search-Results" FF - prefs.js..browser.search.defaulturl: "hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=" FF - prefs.js..browser.search.order.1: "Search-Results" FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-" FF - prefs.js..browser.search.selectedEngine: "Search-Results" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://de.search-results.com?o=41648036&l=dis" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {C3947F4E-8894-4C04-98E0-DF182C706DDF}:1.1 FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019 FF - prefs.js..keyword.URL: "hxxp://websearch.search-results.com/redirect?client=ff&src=kw&tb=STC-SRS&o=41648033&locale=de_DE&apn_uid=3E583D17-BE1E-4466-B700-361FBE572F8A&apn_ptnrs=96&apn_sauid=91C5242D-C615-40F1-B4B0-539F5FF03DD9&apn_dtid=YYYYYYYYDE&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.04.19 16:09:56 | 000,000,000 | -H-D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010.12.30 00:54:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010.12.30 00:54:50 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.24 06:29:00 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.24 06:29:00 | 000,000,000 | ---D | M] [2009.03.31 10:25:05 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Pacitus\AppData\Roaming\mozilla\Extensions [2011.04.22 22:07:09 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Pacitus\AppData\Roaming\mozilla\Firefox\Profiles\zdvojdpi.default\extensions [2011.04.19 16:10:40 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Pacitus\AppData\Roaming\mozilla\Firefox\Profiles\zdvojdpi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.04.19 16:10:40 | 000,000,000 | -H-D | M] (Yahoo! Toolbar) -- C:\Users\Pacitus\AppData\Roaming\mozilla\Firefox\Profiles\zdvojdpi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2011.04.19 16:10:41 | 000,000,000 | -H-D | M] (Webblog) -- C:\Users\Pacitus\AppData\Roaming\mozilla\Firefox\Profiles\zdvojdpi.default\extensions\{C3947F4E-8894-4C04-98E0-DF182C706DDF} [2011.04.19 16:10:42 | 000,000,000 | -H-D | M] (Adblock Plus) -- C:\Users\Pacitus\AppData\Roaming\mozilla\Firefox\Profiles\zdvojdpi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.04.19 16:10:40 | 000,000,000 | -H-D | M] (Move Media Player) -- C:\Users\Pacitus\AppData\Roaming\mozilla\Firefox\Profiles\zdvojdpi.default\extensions\moveplayer@movenetworks.com [2011.04.19 23:18:35 | 000,000,000 | -H-D | M] (Softonic Toolbar) -- C:\Users\Pacitus\AppData\Roaming\mozilla\Firefox\Profiles\zdvojdpi.default\extensions\toolbar@ask.com [2010.09.12 21:16:39 | 000,001,115 | -H-- | M] () -- C:\Users\Pacitus\AppData\Roaming\Mozilla\Firefox\Profiles\zdvojdpi.default\searchplugins\rapidshare-filefinder.xml [2011.04.19 23:18:39 | 000,003,367 | -H-- | M] () -- C:\Users\Pacitus\AppData\Roaming\Mozilla\Firefox\Profiles\zdvojdpi.default\searchplugins\search-results.xml [2010.12.28 15:17:37 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.11.15 18:23:46 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.08.30 09:15:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.12.28 15:17:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010.12.30 00:54:49 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>  -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO[2010.12.30 00:54:50 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA [2010.08.30 09:15:18 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.12.28 15:17:37 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.04.19 16:09:56 | 000,000,000 | -H-D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2011.04.22 15:29:08 | 000,000,000 | -H-D | M] (No name found) -- C:\USERS\PACITUS\PROGRAM FILES\DNA [2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.10.30 06:22:59 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.10.30 06:22:59 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.10.30 06:22:59 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.12.08 23:21:24 | 000,002,224 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\webblog.xml [2010.10.30 06:22:59 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.10.30 06:22:59 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Programme\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll (Symantec Corporation) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found. O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.) O2 - BHO: (Webblog) - {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Programme\wbtooltb\wbtoolDx.dll () O2 - BHO: (Softonic Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Search-Results) O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Programme\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Webblog) - {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Programme\wbtooltb\wbtoolDx.dll () O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Search-Results) O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security)) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [IS CfgWiz] c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe (Symantec Corporation) O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe () O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe (Napster) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\Pacitus\Program Files\DNA\btdna.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [dlUnqaYBbo] File not found O4 - HKCU..\Run: [msnmsgr] C:\Programme\MSN Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\HPSplash.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\HPSplash.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005.09.11 17:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.23 00:16:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced PC Tweaker [2011.04.23 00:16:50 | 000,000,000 | ---D | C] -- C:\Programme\Advanced PC Tweaker [2011.04.20 00:15:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\MFAData [2011.04.19 20:11:19 | 000,000,000 | ---D | C] -- C:\Programme\Ask.com [2011.04.19 20:09:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Data Recovery Wizard 5.0.1 Demo [2011.04.19 20:09:33 | 000,000,000 | ---D | C] -- C:\Programme\EASEUS [2011.04.19 20:08:42 | 003,856,864 | -H-- | C] (EASEUS ) -- C:\Users\Pacitus\Desktop\EaseusDataRecoveryWizard5.0.1.exe [2011.04.17 10:34:21 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011.04.17 10:34:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.04.17 10:34:18 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011.04.17 10:34:17 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011.04.17 10:34:17 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2011.04.17 10:34:17 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2011.04.17 10:34:17 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011.04.17 10:34:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.04.17 10:34:14 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.04.17 10:34:14 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011.04.17 10:34:14 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011.04.17 10:34:13 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011.04.17 10:34:13 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011.04.17 10:34:13 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.04.17 10:34:13 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.04.17 10:34:12 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.04.17 10:34:12 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.04.17 10:34:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011.04.17 10:34:12 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.04.17 10:34:11 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011.04.17 10:34:11 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.04.17 10:34:10 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.04.17 10:34:10 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011.04.17 10:34:10 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2011.04.17 10:34:09 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.04.17 10:34:08 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.04.17 10:34:07 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.04.17 10:34:07 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011.04.17 10:34:06 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011.04.17 10:34:06 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.04.17 10:34:06 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011.04.17 10:34:06 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011.04.17 10:34:06 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011.04.17 10:34:05 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.04.17 10:34:05 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011.04.17 10:34:04 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.04.17 10:34:03 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011.04.17 10:34:03 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011.04.17 10:34:03 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.04.15 12:16:34 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011.04.15 12:16:33 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011.04.15 12:16:24 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011.04.15 12:16:23 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011.04.15 12:16:11 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011.04.15 12:15:47 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.04.11 20:55:12 | 000,000,000 | ---D | C] -- C:\Programme\MSECache [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.04.23 00:21:43 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.23 00:21:43 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.23 00:17:05 | 000,000,504 | ---- | M] () -- C:\Windows\tasks\One-Click Tweak.job [2011.04.23 00:16:53 | 000,000,926 | ---- | M] () -- C:\Users\Pacitus\Desktop\Advanced PC Tweaker.lnk [2011.04.23 00:16:53 | 000,000,881 | ---- | M] () -- C:\Users\Pacitus\Desktop\Advanced PC Tweaker 1-Click Tweak.lnk [2011.04.23 00:06:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.04.23 00:06:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.04.22 23:42:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.22 16:41:22 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2011.04.22 15:30:39 | 000,000,150 | -H-- | M] () -- C:\Users\Public\Documents\hpqp.ini [2011.04.22 15:28:12 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-Pacitus-Startup.job [2011.04.22 15:27:30 | 2137,022,464 | -HS- | M] () -- C:\hiberfil.sys [2011.04.21 15:39:29 | 002,421,015 | ---- | M] () -- C:\Users\Pacitus\Documents\4775960.pdf [2011.04.21 15:38:45 | 002,269,123 | ---- | M] () -- C:\Users\Pacitus\Documents\4774676.pdf [2011.04.19 20:09:37 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\EASEUS Data Recovery Wizard 5.0.1 Demo.lnk [2011.04.19 20:08:51 | 003,856,864 | -H-- | M] (EASEUS ) -- C:\Users\Pacitus\Desktop\EaseusDataRecoveryWizard5.0.1.exe [2011.04.19 15:13:24 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.19 15:13:24 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.19 15:13:24 | 000,126,260 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.19 15:13:24 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.18 11:02:46 | 022,127,057 | -H-- | M] () -- C:\Users\Pacitus\Documents\selectionsfromla00gardrich.pdf [2011.04.18 10:51:58 | 014,141,013 | -H-- | M] () -- C:\Users\Pacitus\Documents\fablesdephedreav00phae.pdf [2011.04.17 10:34:49 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat [2011.04.17 10:34:49 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat [2011.04.17 10:34:21 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011.04.17 10:34:19 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.04.17 10:34:18 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011.04.17 10:34:17 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011.04.17 10:34:17 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2011.04.17 10:34:17 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2011.04.17 10:34:17 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011.04.17 10:34:16 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.04.17 10:34:14 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.04.17 10:34:14 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011.04.17 10:34:14 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011.04.17 10:34:13 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011.04.17 10:34:13 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011.04.17 10:34:13 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.04.17 10:34:13 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2011.04.17 10:34:13 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.04.17 10:34:12 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.04.17 10:34:12 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.04.17 10:34:12 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011.04.17 10:34:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.04.17 10:34:11 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011.04.17 10:34:11 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.04.17 10:34:10 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.04.17 10:34:10 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011.04.17 10:34:10 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2011.04.17 10:34:09 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011.04.17 10:34:08 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.04.17 10:34:07 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.04.17 10:34:07 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011.04.17 10:34:06 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011.04.17 10:34:06 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.04.17 10:34:06 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011.04.17 10:34:06 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011.04.17 10:34:06 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011.04.17 10:34:05 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.04.17 10:34:05 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011.04.17 10:34:04 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.04.17 10:34:03 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011.04.17 10:34:03 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011.04.17 10:34:03 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.04.17 10:26:10 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2011.04.16 10:16:50 | 000,321,208 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.04.13 23:06:15 | 000,023,552 | -H-- | M] () -- C:\Users\Pacitus\Documents\Politische Entwicklungslinien nach Cäsars Tod.wps [2011.04.11 22:41:47 | 000,009,728 | -H-- | M] () -- C:\Users\Pacitus\Documents\Rom Arbeitsblatt 2b.wps [2011.04.11 22:34:28 | 000,009,216 | -H-- | M] () -- C:\Users\Pacitus\Documents\Rom Arbeitsblatt 2.wps [2011.04.10 13:00:21 | 001,673,544 | -H-- | M] () -- C:\Users\Pacitus\Documents\Milo.wps [2011.04.10 12:44:11 | 015,493,087 | -H-- | M] () -- C:\Users\Pacitus\Documents\protanniomilonea00ciceuoft.pdf [2011.04.09 23:59:32 | 000,070,996 | -H-- | M] () -- C:\Users\Pacitus\Desktop\tropen_und_figuren.pdf [2011.04.09 23:28:13 | 001,206,582 | -H-- | M] () -- C:\Users\Pacitus\Desktop\hilfsbuch.pdf [2011.04.09 11:42:04 | 000,181,848 | -H-- | M] () -- C:\Users\Pacitus\Documents\Pro Milone Text.wps [2011.04.07 19:56:58 | 000,142,848 | -H-- | M] () -- C:\Users\Pacitus\Documents\Rom Figurenkonstellation u Charaktere.wps [2011.04.07 07:39:41 | 000,012,288 | -H-- | M] () -- C:\Users\Pacitus\Documents\Rom Arbeitsblatt 1.wps [2011.04.07 07:07:21 | 000,050,176 | -H-- | M] () -- C:\Users\Pacitus\Documents\Rom Caesargegner.wps [2011.04.06 20:32:32 | 000,032,768 | -H-- | M] () -- C:\Users\Pacitus\Documents\Deponentien Übung.wps [2011.03.24 22:32:33 | 000,009,216 | -H-- | M] () -- C:\Users\Pacitus\Documents\Geburtstagsliste.wps [2011.03.24 18:35:12 | 000,009,728 | -H-- | M] () -- C:\Users\Pacitus\Documents\Registriern. Ritterbach.wps [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.04.23 00:17:04 | 000,000,504 | ---- | C] () -- C:\Windows\tasks\One-Click Tweak.job [2011.04.23 00:16:53 | 000,000,926 | ---- | C] () -- C:\Users\Pacitus\Desktop\Advanced PC Tweaker.lnk [2011.04.23 00:16:53 | 000,000,881 | ---- | C] () -- C:\Users\Pacitus\Desktop\Advanced PC Tweaker 1-Click Tweak.lnk [2011.04.21 15:39:29 | 002,421,015 | ---- | C] () -- C:\Users\Pacitus\Documents\4775960.pdf [2011.04.21 15:38:45 | 002,269,123 | ---- | C] () -- C:\Users\Pacitus\Documents\4774676.pdf [2011.04.19 20:09:37 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\EASEUS Data Recovery Wizard 5.0.1 Demo.lnk [2011.04.18 11:02:44 | 022,127,057 | -H-- | C] () -- C:\Users\Pacitus\Documents\selectionsfromla00gardrich.pdf [2011.04.18 10:51:57 | 014,141,013 | -H-- | C] () -- C:\Users\Pacitus\Documents\fablesdephedreav00phae.pdf [2011.04.17 10:34:13 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011.04.13 23:06:15 | 000,023,552 | -H-- | C] () -- C:\Users\Pacitus\Documents\Politische Entwicklungslinien nach Cäsars Tod.wps [2011.04.11 22:41:47 | 000,009,728 | -H-- | C] () -- C:\Users\Pacitus\Documents\Rom Arbeitsblatt 2b.wps [2011.04.11 22:34:28 | 000,009,216 | -H-- | C] () -- C:\Users\Pacitus\Documents\Rom Arbeitsblatt 2.wps [2011.04.11 20:59:31 | 000,002,080 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk [2011.04.10 12:56:56 | 001,673,544 | -H-- | C] () -- C:\Users\Pacitus\Documents\Milo.wps [2011.04.10 12:44:10 | 015,493,087 | -H-- | C] () -- C:\Users\Pacitus\Documents\protanniomilonea00ciceuoft.pdf [2011.04.09 23:59:32 | 000,070,996 | -H-- | C] () -- C:\Users\Pacitus\Desktop\tropen_und_figuren.pdf [2011.04.09 23:28:13 | 001,206,582 | -H-- | C] () -- C:\Users\Pacitus\Desktop\hilfsbuch.pdf [2011.04.09 11:42:03 | 000,181,848 | -H-- | C] () -- C:\Users\Pacitus\Documents\Pro Milone Text.wps [2011.04.07 07:39:41 | 000,012,288 | -H-- | C] () -- C:\Users\Pacitus\Documents\Rom Arbeitsblatt 1.wps [2011.04.07 07:07:20 | 000,050,176 | -H-- | C] () -- C:\Users\Pacitus\Documents\Rom Caesargegner.wps [2011.04.06 21:13:15 | 000,142,848 | -H-- | C] () -- C:\Users\Pacitus\Documents\Rom Figurenkonstellation u Charaktere.wps [2011.04.06 19:03:36 | 000,032,768 | -H-- | C] () -- C:\Users\Pacitus\Documents\Deponentien Übung.wps [2011.03.24 18:35:12 | 000,009,728 | -H-- | C] () -- C:\Users\Pacitus\Documents\Registriern. Ritterbach.wps [2010.11.15 18:25:16 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.11.15 16:44:50 | 000,081,110 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2009.08.19 22:28:18 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.08.19 22:28:17 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.04.18 11:42:41 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat [2009.04.18 11:42:41 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat [2009.04.18 11:42:41 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat [2009.04.18 11:42:41 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat [2009.04.18 11:42:41 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat [2009.04.18 11:42:41 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat [2009.04.18 11:42:41 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat [2009.04.18 11:42:41 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat [2009.04.18 11:42:41 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat [2009.04.18 11:42:41 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat [2009.04.18 11:42:41 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat [2009.04.18 11:42:41 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat [2009.04.18 11:42:41 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat [2009.04.18 11:42:41 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat [2009.04.18 11:42:41 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat [2009.04.18 11:42:41 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat [2009.04.18 11:42:41 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat [2009.04.18 11:42:41 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat [2009.04.18 11:42:41 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2009.01.14 10:58:34 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.12.16 22:58:54 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys [2008.12.16 22:50:56 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLgFT.dll [2008.08.21 19:53:45 | 000,000,680 | -H-- | C] () -- C:\Users\Pacitus\AppData\Local\d3d9caps.dat [2008.07.10 15:27:08 | 000,001,639 | ---- | C] () -- C:\Windows\wininit.ini [2008.07.10 15:23:01 | 000,000,326 | ---- | C] () -- C:\Windows\SIERRA.INI [2008.01.22 15:36:37 | 000,162,304 | -H-- | C] () -- C:\Users\Pacitus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.12.17 20:34:42 | 000,005,972 | -H-- | C] () -- C:\Users\Pacitus\AppData\Roaming\wklnhst.dat [2007.07.04 19:12:44 | 000,111,045 | ---- | C] () -- C:\Windows\hpqins13.dat [2007.05.31 13:14:00 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1283.dll [2007.05.31 12:49:06 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll [2007.05.31 12:01:22 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2007.02.27 22:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2006.12.14 08:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll [2006.12.14 08:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll [2006.11.02 17:33:31 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2006.11.02 17:33:31 | 000,126,260 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,321,208 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2002.05.16 01:38:40 | 000,091,136 | ---- | C] () -- C:\Windows\System32\mp4fil32.dll [2002.05.04 15:19:00 | 000,049,152 | ---- | C] () -- C:\Windows\System32\avisynthEx.dll [2002.04.21 20:30:14 | 000,151,552 | ---- | C] () -- C:\Windows\System32\OggDS.dll [2002.04.19 16:23:26 | 000,106,137 | ---- | C] () -- C:\Windows\System32\libpostproc.dll [2002.04.19 15:51:04 | 000,211,760 | ---- | C] () -- C:\Windows\System32\libavcodec.dll [2002.04.02 00:16:30 | 000,454,656 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll [2002.04.02 00:16:14 | 000,118,784 | ---- | C] () -- C:\Windows\System32\vorbis.dll [2002.04.02 00:15:40 | 000,011,264 | ---- | C] () -- C:\Windows\System32\ogg.dll [2002.02.21 18:41:20 | 000,157,184 | ---- | C] () -- C:\Windows\System32\unrar.dll [2001.06.22 13:06:02 | 000,167,936 | ---- | C] () -- C:\Windows\System32\MPEG2DEC.dll ========== LOP Check ========== [2011.04.19 16:10:38 | 000,000,000 | -H-D | M] -- C:\Users\Pacitus\AppData\Roaming\BitTorrent [2011.04.23 00:32:25 | 000,000,000 | -H-D | M] -- C:\Users\Pacitus\AppData\Roaming\DNA [2010.11.15 16:47:07 | 000,000,000 | -H-D | M] -- C:\Users\Pacitus\AppData\Roaming\Leadertech [2010.12.30 00:54:55 | 000,000,000 | -H-D | M] -- C:\Users\Pacitus\AppData\Roaming\Local [2007.12.17 20:34:43 | 000,000,000 | -H-D | M] -- C:\Users\Pacitus\AppData\Roaming\Template [2011.04.19 16:31:10 | 000,000,000 | -H-D | M] -- C:\Users\Pacitus\AppData\Roaming\UseNeXT [2011.04.23 00:17:05 | 000,000,504 | ---- | M] () -- C:\Windows\Tasks\One-Click Tweak.job [2011.04.21 01:10:40 | 000,032,550 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.04.22 15:28:12 | 000,000,312 | ---- | M] () -- C:\Windows\Tasks\WinMaximizer-Pacitus-Startup.job ========== Purity Check ========== < End of report >  |
| Themen zu kazy.mekl Trojaner |
| .dll, adblock, antivir, autorun, avgntflt.sys, avira, bho, computer, data recovery, defender, desktop, error, explorer, firefox, format, google, home, launch, location, logfile, microsoft office word, mozilla, oldtimer, plug-in, realtek, registry, safer networking, scan, searchplugins, security, security scan, softonic, software, start menu, symantec, trojane, trojaner, vista |
Baum-Darstellung