Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: TR/Kazy.mekml.1 - was tun?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Alt 11.05.2011, 15:56   #3
Baileys
 
TR/Kazy.mekml.1 - was tun? - Standard

TR/Kazy.mekml.1 - was tun?



Hallo und schonmal Danke schön für deine Hilfe.

Habe alles so gemacht (hoffe es passt alles), wie du es beschrieben hast und hier hast du die Ergebnisse.

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6554

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

11.05.2011 16:25:14
mbam-log-2011-05-11 (16-25-14).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|Q:\|)
Durchsuchte Objekte: 286362
Laufzeit: 1 Stunde(n), 52 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Baileys\AppData\LocalLow\Sun\Java\deployment\cache\6.0\8\626ef288-1a320c48 (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\Baileys\AppData\Roaming\Adobe\plugs\mmc40110415.txt (Trojan.Hiloti) -> Quarantined and deleted successfully.
         
Code:
ATTFilter
OTL logfile created on: 5/11/2011 4:36:40 PM - Run 3
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Baileys\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.99 Gb Total Space | 106.46 Gb Free Space | 76.59% Space Free | Partition Type: NTFS
Drive D: | 139.00 Gb Total Space | 131.42 Gb Free Space | 94.55% Space Free | Partition Type: NTFS
 
Computer Name: BAILEYS-PC | User Name: Baileys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Baileys\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe ()
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Baileys\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (ZTEusbnet) -- C:\Windows\System32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbvoice) -- C:\Windows\System32\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (rtport) -- C:\Windows\System32\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\windows\system32\DRIVERS\serial.sys (Brother Industries Ltd.)
DRV - (IntcHdmiAddService) Intel(R) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20110329release
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&instlRef=sst&affID=17159&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de#t_0"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/01 16:04:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/25 19:12:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/05/01 16:07:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/04/22 20:38:13 | 000,000,000 | ---D | M]
 
[2011/01/27 02:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions
[2011/01/08 00:53:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/27 02:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
[2011/04/29 02:17:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Firefox\Profiles\az730lx2.default\extensions
[2011/01/20 21:07:39 | 000,003,915 | ---- | M] () -- C:\Users\Baileys\AppData\Roaming\Mozilla\Firefox\Profiles\az730lx2.default\searchplugins\sweetim.xml
[2011/01/20 21:07:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/01/07 14:05:07 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/01/11 05:21:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- 
[2011/05/11 04:48:13 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\BAILEYS\APPDATA\LOCAL\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/01 16:04:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/01/11 05:21:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011/04/09 09:35:13 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/04/09 09:48:33 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/04/09 09:35:13 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/04/09 09:35:13 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/04/09 09:35:13 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/04/09 09:35:13 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/04/09 09:35:13 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/05/11 05:09:11 | 000,000,000 | ---D | C] -- C:\Users\Baileys\Documents\Simply Super Software
[2011/05/11 05:08:54 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2011/05/11 04:09:22 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Malwarebytes
[2011/05/11 04:09:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/05/11 04:09:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/11 04:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/11 04:08:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/05/11 04:08:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/11 03:42:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/10 16:07:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{43D0507C-296C-49CC-97DC-966338248A52}
[2011/05/10 15:43:21 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{56231C92-64C8-428D-90A5-48BA34997031}
[2011/05/09 21:35:00 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{50AE4613-F75F-452C-83C2-48B802C6FEF2}
[2011/05/09 09:34:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{BB7B49AD-0399-4F39-9C3B-1C79647860CE}
[2011/05/08 21:02:38 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{3657AFB3-DF08-441A-A60A-E2DE683775F7}
[2011/05/08 02:25:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{FAC8D531-D6DB-4EFE-A015-4523A68ECE7B}
[2011/05/07 11:06:53 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7011F6F1-5BDE-424A-82AC-4FB33551C725}
[2011/05/06 15:44:43 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{17102787-1659-422D-989D-8DAA0E1DCDF5}
[2011/05/05 18:30:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{48C103C4-F80A-44FA-835E-AE5F854C1CB5}
[2011/05/04 17:21:06 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C172829B-7159-4E7B-B5DF-AAB91802D159}
[2011/05/04 03:55:36 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{9C6DC8FE-C621-46E9-B5AD-903848A591E4}
[2011/05/03 15:55:09 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{06583A8F-2BBD-4564-9AA4-05794AD5EC52}
[2011/05/02 23:22:59 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{9ADAB908-6239-4006-9A61-A21C54408CF2}
[2011/05/02 11:22:31 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{FAB7D5D5-A4A5-4064-8D08-11AC43A9403C}
[2011/05/01 16:52:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7D9C8003-E537-4DDF-918D-9EB5E17E281C}
[2011/05/01 16:06:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{0CE40FA7-4FDD-4AD7-8ABC-146AAC956593}
[2011/05/01 01:27:06 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{CBF981D7-A23E-4A72-860F-2624F9796FC6}
[2011/04/30 13:26:31 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{45047024-EE1C-4E50-90CC-7F7CAE3A083C}
[2011/04/29 19:07:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7FC5ECBF-FE07-456D-B2F4-C991FC29D1A3}
[2011/04/28 15:47:51 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{E4D36517-A6CA-4CBC-A22F-FF906814F789}
[2011/04/27 22:06:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{1CCEA57C-49B9-434E-B738-891E78D37C3C}
[2011/04/27 16:20:19 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2011/04/27 16:19:39 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2011/04/27 16:12:58 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\fms.dll
[2011/04/27 15:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
[2011/04/27 15:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2011/04/27 15:31:12 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{460B8D94-E5AF-4A67-B475-D079D5805431}
[2011/04/26 18:28:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{4B295FEA-770B-445B-BCA0-F0C931B4727A}
[2011/04/25 19:35:56 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7961D91A-410B-4D15-BBAE-27C16803E7D6}
[2011/04/23 06:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/04/22 22:41:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{6124D63F-CE3D-47DB-A7CF-16E7141A6A54}
[2011/04/22 20:43:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:43:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:41:15 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\NokiaAccount
[2011/04/22 20:39:45 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\Nokia
[2011/04/22 20:39:43 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/04/22 20:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2011/04/22 20:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011/04/22 20:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011/04/22 20:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011/04/22 20:38:08 | 000,018,816 | ---- | C] (Nokia) -- C:\windows\System32\drivers\pccsmcfd.sys
[2011/04/22 20:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011/04/22 20:37:26 | 000,075,264 | ---- | C] (Nokia) -- C:\windows\System32\nmwcdcls.dll
[2011/04/22 20:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2011/04/22 20:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2011/04/22 10:41:12 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{DD5F50AD-C2A9-4B21-9AC9-E8FA8F58A621}
[2011/04/21 10:48:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{8D44564F-7CD5-42A9-A5F7-CBE00C614A37}
[2011/04/20 18:54:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{B0178AAE-E8E0-4B7D-86FA-0A9DCF235E3A}
[2011/04/20 04:33:09 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{A8AD07BE-001B-4F73-9E6A-6D18A300A443}
[2011/04/19 16:05:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7C16A1A7-5750-454D-A337-F90436813F9A}
[2011/04/18 15:43:18 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C2589FB9-F185-40A3-936A-D1544AEAE6E3}
[2011/04/18 03:49:37 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C78D2C9C-E597-45EC-86F7-EB57539110B3}
[2011/04/18 03:42:30 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{55FF3D84-7FA0-43E1-87BF-FE7FAAAC783C}
[2011/04/18 03:37:51 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{2A638369-79C7-4481-BA9B-7FCD71AC09D3}
[2011/04/17 15:37:24 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7EDDA988-8114-46F6-A1B9-AADF915E23D5}
[2011/04/16 23:34:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{AB724F29-6E23-4D2C-9AFE-551DC8048293}
[2011/04/16 11:34:21 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{B718824E-ED12-4847-9178-86AFEA8AB180}
[2011/04/15 23:33:02 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{D02F5D97-5FDC-457E-9302-7A2E1BDC4CCC}
[2011/04/15 11:32:36 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7F0261F4-BD3F-471C-B0D2-1AE130ECE6C2}
[2011/04/14 22:55:30 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{4F2C6D2A-8DD0-43B7-93AE-D559C14DB068}
[2011/04/14 10:55:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{1072F0AC-E26E-4FC9-94AE-5D0C3BCC8CFC}
[2011/04/13 22:25:10 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7405CE31-CB08-4FEE-8069-0BE601EF581D}
[2011/04/13 04:14:19 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{E1F9A57A-978F-4C51-B2F5-DD04A08585D4}
[2011/04/12 15:17:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{58BE38FD-5214-49A4-A7BC-D30481CDFF39}
[2011/04/11 17:04:46 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{F24C43A7-F6AD-4271-AF3B-94F9CAF4C3C9}
[2011/02/11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/05/11 16:34:48 | 000,014,512 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/11 16:34:48 | 000,014,512 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/11 16:27:40 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/11 16:27:31 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2011/05/11 16:27:27 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/05/11 16:27:23 | 3150,561,280 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/11 15:54:00 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/11 04:09:01 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 03:42:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:40 | 000,000,120 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/05/04 22:16:41 | 000,654,610 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011/05/04 22:16:41 | 000,616,452 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/05/04 22:16:41 | 000,130,192 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011/05/04 22:16:41 | 000,106,574 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/04/27 16:40:46 | 000,277,656 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/04/27 16:24:31 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf
[2011/04/22 20:47:24 | 000,007,680 | ---- | M] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | ---- | M] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | ---- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2011/05/11 05:08:58 | 000,162,304 | ---- | C] () -- C:\windows\System32\ztvunrar36.dll
[2011/05/11 05:08:58 | 000,153,088 | ---- | C] () -- C:\windows\System32\UNRAR3.dll
[2011/05/11 05:08:58 | 000,077,312 | ---- | C] () -- C:\windows\System32\ztvunace26.dll
[2011/05/11 05:08:58 | 000,075,264 | ---- | C] () -- C:\windows\System32\unacev2.dll
[2011/05/11 04:09:01 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 02:51:40 | 000,000,120 | ---- | C] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | ---- | C] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | ---- | C] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/04/27 16:24:31 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2011/04/27 16:13:40 | 000,146,852 | ---- | C] () -- C:\windows\System32\systemsf.ebd
[2011/04/27 16:12:46 | 000,010,429 | ---- | C] () -- C:\windows\System32\ScavengeSpace.xml
[2011/04/27 16:12:37 | 000,105,559 | ---- | C] () -- C:\windows\System32\RacRules.xml
[2011/04/22 20:46:55 | 000,007,680 | ---- | C] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | ---- | C] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | ---- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/01/07 14:05:52 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/07 10:50:06 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\windows\System32\GfxUI.exe.config
[2010/06/14 01:33:19 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2010/06/14 01:10:58 | 000,000,832 | ---- | C] () -- C:\windows\HotFixList.ini
[2010/06/13 03:47:23 | 000,654,610 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2010/06/13 03:47:23 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2010/06/13 03:47:23 | 000,130,192 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2010/06/13 03:47:23 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2010/06/13 03:26:14 | 000,004,608 | ---- | C] () -- C:\windows\System32\HdmiCoin.dll
[2010/06/13 03:26:13 | 000,134,592 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/10/15 19:17:10 | 000,130,520 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 06:33:53 | 000,277,656 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,616,452 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,106,574 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2011/02/05 03:41:21 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Bytemobile
[2011/05/11 04:48:12 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\FreeFLVConverter
[2011/05/05 23:36:26 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\IMVU
[2011/05/11 04:48:12 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\IMVUClient
[2011/05/11 04:48:11 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Mp3tag
[2011/04/22 20:43:39 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:43:40 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:42:11 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/05/11 05:44:26 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\SoftGrid Client
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\TeamViewer
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Thunderbird
[2011/01/30 02:20:54 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\TP
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vivox
[2011/03/01 22:05:45 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone Mobile Connect
[2011/05/08 11:13:13 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
Code:
ATTFilter
OTL logfile created on: 5/11/2011 4:36:40 PM - Run 3
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Baileys\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.99 Gb Total Space | 106.46 Gb Free Space | 76.59% Space Free | Partition Type: NTFS
Drive D: | 139.00 Gb Total Space | 131.42 Gb Free Space | 94.55% Space Free | Partition Type: NTFS
 
Computer Name: BAILEYS-PC | User Name: Baileys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Baileys\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe ()
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Baileys\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV - (ZTEusbnet) -- C:\Windows\System32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbvoice) -- C:\Windows\System32\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (rtport) -- C:\Windows\System32\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\windows\system32\DRIVERS\serial.sys (Brother Industries Ltd.)
DRV - (IntcHdmiAddService) Intel(R) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&affID=17159
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20110329release
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=3ed7899b0000000000004c0f6e8b1fe8&tlver=1.4.19.19&instlRef=sst&affID=17159&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig?hl=de#t_0"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/01 16:04:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/25 19:12:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/05/01 16:07:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/04/22 20:38:13 | 000,000,000 | ---D | M]
 
[2011/01/27 02:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions
[2011/01/08 00:53:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/01/27 02:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com
[2011/04/29 02:17:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Baileys\AppData\Roaming\mozilla\Firefox\Profiles\az730lx2.default\extensions
[2011/01/20 21:07:39 | 000,003,915 | ---- | M] () -- C:\Users\Baileys\AppData\Roaming\Mozilla\Firefox\Profiles\az730lx2.default\searchplugins\sweetim.xml
[2011/01/20 21:07:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/01/07 14:05:07 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/01/11 05:21:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- 
[2011/05/11 04:48:13 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\BAILEYS\APPDATA\LOCAL\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/01 16:04:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/01/11 05:21:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011/04/09 09:35:13 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/04/09 09:48:33 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/04/09 09:35:13 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/04/09 09:35:13 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/04/09 09:35:13 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/04/09 09:35:13 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/04/09 09:35:13 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{3f23b376-440b-11e0-bb89-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b47755-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{85b4775f-30c8-11e0-b842-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b1f-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ac728b34-3df0-11e0-bef0-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell - "" = AutoRun
O33 - MountPoints2\{ebafa77c-70d1-11e0-99da-002454cb7cfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/05/11 05:09:11 | 000,000,000 | ---D | C] -- C:\Users\Baileys\Documents\Simply Super Software
[2011/05/11 05:08:54 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2011/05/11 04:09:22 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Malwarebytes
[2011/05/11 04:09:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/05/11 04:09:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/11 04:08:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/11 04:08:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/05/11 04:08:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/11 03:42:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{ECD1A716-4588-4366-9943-DA5B5D727363}
[2011/05/10 16:07:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{43D0507C-296C-49CC-97DC-966338248A52}
[2011/05/10 15:43:21 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{56231C92-64C8-428D-90A5-48BA34997031}
[2011/05/09 21:35:00 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{50AE4613-F75F-452C-83C2-48B802C6FEF2}
[2011/05/09 09:34:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{BB7B49AD-0399-4F39-9C3B-1C79647860CE}
[2011/05/08 21:02:38 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{3657AFB3-DF08-441A-A60A-E2DE683775F7}
[2011/05/08 02:25:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{FAC8D531-D6DB-4EFE-A015-4523A68ECE7B}
[2011/05/07 11:06:53 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7011F6F1-5BDE-424A-82AC-4FB33551C725}
[2011/05/06 15:44:43 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{17102787-1659-422D-989D-8DAA0E1DCDF5}
[2011/05/05 18:30:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{48C103C4-F80A-44FA-835E-AE5F854C1CB5}
[2011/05/04 17:21:06 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C172829B-7159-4E7B-B5DF-AAB91802D159}
[2011/05/04 03:55:36 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{9C6DC8FE-C621-46E9-B5AD-903848A591E4}
[2011/05/03 15:55:09 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{06583A8F-2BBD-4564-9AA4-05794AD5EC52}
[2011/05/02 23:22:59 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{9ADAB908-6239-4006-9A61-A21C54408CF2}
[2011/05/02 11:22:31 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{FAB7D5D5-A4A5-4064-8D08-11AC43A9403C}
[2011/05/01 16:52:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7D9C8003-E537-4DDF-918D-9EB5E17E281C}
[2011/05/01 16:06:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{0CE40FA7-4FDD-4AD7-8ABC-146AAC956593}
[2011/05/01 01:27:06 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{CBF981D7-A23E-4A72-860F-2624F9796FC6}
[2011/04/30 13:26:31 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{45047024-EE1C-4E50-90CC-7F7CAE3A083C}
[2011/04/29 19:07:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7FC5ECBF-FE07-456D-B2F4-C991FC29D1A3}
[2011/04/28 15:47:51 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{E4D36517-A6CA-4CBC-A22F-FF906814F789}
[2011/04/27 22:06:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{1CCEA57C-49B9-434E-B738-891E78D37C3C}
[2011/04/27 16:20:19 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2011/04/27 16:19:39 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2011/04/27 16:12:58 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\fms.dll
[2011/04/27 15:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
[2011/04/27 15:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2011/04/27 15:31:12 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{460B8D94-E5AF-4A67-B475-D079D5805431}
[2011/04/26 18:28:44 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{4B295FEA-770B-445B-BCA0-F0C931B4727A}
[2011/04/25 19:35:56 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7961D91A-410B-4D15-BBAE-27C16803E7D6}
[2011/04/23 06:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/04/22 22:41:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{6124D63F-CE3D-47DB-A7CF-16E7141A6A54}
[2011/04/22 20:43:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:43:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:41:15 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\NokiaAccount
[2011/04/22 20:39:45 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\Nokia
[2011/04/22 20:39:43 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/04/22 20:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2011/04/22 20:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011/04/22 20:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2011/04/22 20:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011/04/22 20:38:08 | 000,018,816 | ---- | C] (Nokia) -- C:\windows\System32\drivers\pccsmcfd.sys
[2011/04/22 20:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2011/04/22 20:37:26 | 000,075,264 | ---- | C] (Nokia) -- C:\windows\System32\nmwcdcls.dll
[2011/04/22 20:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2011/04/22 20:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2011/04/22 10:41:12 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{DD5F50AD-C2A9-4B21-9AC9-E8FA8F58A621}
[2011/04/21 10:48:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{8D44564F-7CD5-42A9-A5F7-CBE00C614A37}
[2011/04/20 18:54:40 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{B0178AAE-E8E0-4B7D-86FA-0A9DCF235E3A}
[2011/04/20 04:33:09 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{A8AD07BE-001B-4F73-9E6A-6D18A300A443}
[2011/04/19 16:05:39 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7C16A1A7-5750-454D-A337-F90436813F9A}
[2011/04/18 15:43:18 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C2589FB9-F185-40A3-936A-D1544AEAE6E3}
[2011/04/18 03:49:37 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{C78D2C9C-E597-45EC-86F7-EB57539110B3}
[2011/04/18 03:42:30 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{55FF3D84-7FA0-43E1-87BF-FE7FAAAC783C}
[2011/04/18 03:37:51 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{2A638369-79C7-4481-BA9B-7FCD71AC09D3}
[2011/04/17 15:37:24 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7EDDA988-8114-46F6-A1B9-AADF915E23D5}
[2011/04/16 23:34:48 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{AB724F29-6E23-4D2C-9AFE-551DC8048293}
[2011/04/16 11:34:21 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{B718824E-ED12-4847-9178-86AFEA8AB180}
[2011/04/15 23:33:02 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{D02F5D97-5FDC-457E-9302-7A2E1BDC4CCC}
[2011/04/15 11:32:36 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7F0261F4-BD3F-471C-B0D2-1AE130ECE6C2}
[2011/04/14 22:55:30 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{4F2C6D2A-8DD0-43B7-93AE-D559C14DB068}
[2011/04/14 10:55:04 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{1072F0AC-E26E-4FC9-94AE-5D0C3BCC8CFC}
[2011/04/13 22:25:10 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{7405CE31-CB08-4FEE-8069-0BE601EF581D}
[2011/04/13 04:14:19 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{E1F9A57A-978F-4C51-B2F5-DD04A08585D4}
[2011/04/12 15:17:25 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{58BE38FD-5214-49A4-A7BC-D30481CDFF39}
[2011/04/11 17:04:46 | 000,000,000 | ---D | C] -- C:\Users\Baileys\AppData\Local\{F24C43A7-F6AD-4271-AF3B-94F9CAF4C3C9}
[2011/02/11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011/05/11 16:34:48 | 000,014,512 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/11 16:34:48 | 000,014,512 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/11 16:27:40 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/11 16:27:31 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2011/05/11 16:27:27 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/05/11 16:27:23 | 3150,561,280 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/11 15:54:00 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/11 04:09:01 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 03:42:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Baileys\Desktop\OTL.exe
[2011/05/11 02:51:40 | 000,000,120 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | ---- | M] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/05/04 22:16:41 | 000,654,610 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011/05/04 22:16:41 | 000,616,452 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/05/04 22:16:41 | 000,130,192 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011/05/04 22:16:41 | 000,106,574 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/04/27 16:40:46 | 000,277,656 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/04/27 16:24:31 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf
[2011/04/22 20:47:24 | 000,007,680 | ---- | M] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | ---- | M] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | ---- | M] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2011/05/11 05:08:58 | 000,162,304 | ---- | C] () -- C:\windows\System32\ztvunrar36.dll
[2011/05/11 05:08:58 | 000,153,088 | ---- | C] () -- C:\windows\System32\UNRAR3.dll
[2011/05/11 05:08:58 | 000,077,312 | ---- | C] () -- C:\windows\System32\ztvunace26.dll
[2011/05/11 05:08:58 | 000,075,264 | ---- | C] () -- C:\windows\System32\unacev2.dll
[2011/05/11 04:09:01 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/11 02:51:40 | 000,000,120 | ---- | C] () -- C:\Users\Baileys\AppData\Local\Inedisidubadi.dat
[2011/05/11 02:51:40 | 000,000,000 | ---- | C] () -- C:\Users\Baileys\AppData\Local\Owuniki.bin
[2011/05/11 02:49:53 | 000,000,000 | ---- | C] () -- C:\Users\Baileys\2gweorjqjutp92vjy9gake
[2011/04/27 16:24:31 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2011/04/27 16:13:40 | 000,146,852 | ---- | C] () -- C:\windows\System32\systemsf.ebd
[2011/04/27 16:12:46 | 000,010,429 | ---- | C] () -- C:\windows\System32\ScavengeSpace.xml
[2011/04/27 16:12:37 | 000,105,559 | ---- | C] () -- C:\windows\System32\RacRules.xml
[2011/04/22 20:46:55 | 000,007,680 | ---- | C] () -- C:\Users\Baileys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/22 20:40:52 | 000,000,000 | ---- | C] () -- C:\windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011/04/22 20:29:40 | 000,000,000 | ---- | C] () -- C:\windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/01/07 14:05:52 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/07 10:50:06 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\windows\System32\GfxUI.exe.config
[2010/06/14 01:33:19 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2010/06/14 01:10:58 | 000,000,832 | ---- | C] () -- C:\windows\HotFixList.ini
[2010/06/13 03:47:23 | 000,654,610 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2010/06/13 03:47:23 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2010/06/13 03:47:23 | 000,130,192 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2010/06/13 03:47:23 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2010/06/13 03:26:14 | 000,004,608 | ---- | C] () -- C:\windows\System32\HdmiCoin.dll
[2010/06/13 03:26:13 | 000,134,592 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/10/15 19:17:10 | 000,130,520 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 06:33:53 | 000,277,656 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,616,452 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,106,574 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2011/02/05 03:41:21 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Bytemobile
[2011/05/11 04:48:12 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\FreeFLVConverter
[2011/05/05 23:36:26 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\IMVU
[2011/05/11 04:48:12 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\IMVUClient
[2011/05/11 04:48:11 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Mp3tag
[2011/04/22 20:43:39 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia
[2011/04/22 20:43:40 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Nokia Ovi Suite
[2011/04/22 20:42:11 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\PC Suite
[2011/05/11 05:44:26 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\SoftGrid Client
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\TeamViewer
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Thunderbird
[2011/01/30 02:20:54 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\TP
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vivox
[2011/03/01 22:05:45 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone
[2011/05/11 04:48:10 | 000,000,000 | ---D | M] -- C:\Users\Baileys\AppData\Roaming\Vodafone Mobile Connect
[2011/05/08 11:13:13 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
Code:
ATTFilter
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	13.06.2010		10.0.42.34
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	01.05.2011	6,00MB	10.2.159.1
Adobe Reader 9.4.4 - Deutsch	Adobe Systems Incorporated	24.04.2011	168,1MB	9.4.4
Adobe Shockwave Player 11.5	Adobe Systems, Inc.	29.01.2011		11.5.9.615
Apple Application Support	Apple Inc.	10.03.2011	51,0MB	1.5.0
Apple Mobile Device Support	Apple Inc.	10.03.2011	21,8MB	3.4.0.25
Apple Software Update	Apple Inc.	10.03.2011	2,26MB	2.1.2.120
Atheros Client Installation Program	Atheros	13.06.2010		1.0.2.1119
Audiograbber 1.83 SE	Audiograbber Deutschland	22.01.2011		1.83 SE
Avira AntiVir Personal - Free Antivirus	Avira GmbH	27.04.2011	76,9MB	10.0.0.648
Babylon toolbar		08.04.2011		
BatteryLifeExtender	Samsung	13.06.2010	31,5MB	1.0.5
Bonjour	Apple Inc.	10.03.2011	1,10MB	2.0.4.0
CCleaner	Piriform	10.05.2011		3.06
CyberLink DVD Suite	CyberLink Corp.	13.06.2010	15,2MB	6.0.2806
CyberLink LabelPrint	CyberLink Corp.	13.06.2010	163,3MB	2.5.1916
CyberLink Power2Go	CyberLink Corp.	13.06.2010	120,2MB	6.0.3108a
CyberLink PowerDirector	CyberLink Corp.	13.06.2010	367MB	7.0.3213
CyberLink PowerDVD 8	CyberLink Corp.	13.06.2010	91,4MB	8.0.2815b
CyberLink PowerProducer	CyberLink Corp.	13.06.2010	298MB	5.0.1.1812
CyberLink YouCam	CyberLink Corp.	06.01.2011	77,2MB	2.0.3625
Easy Display Manager	Samsung Electronics Co., Ltd.	13.06.2010		3.0
Easy Network Manager	Samsung	13.06.2010	20,2MB	4.2.8
Easy SpeedUp Manager	Samsung Electronics Co.,Ltd.	13.06.2010		3.0.0.5
EasyBatteryManager	Samsung	13.06.2010		4.0.0.3
Free FLV Converter V 6.96.0	Koyote Soft	08.04.2011	14,0MB	6.96.0.0
IMVU Avatar Chat Software		26.01.2011		
Intel(R) Graphics Media Accelerator Driver	Intel Corporation	26.04.2011	54,3MB	8.15.10.2302
Intel® Matrix Storage Manager	Intel Corporation	13.06.2010		
Java(TM) 6 Update 23	Oracle	10.01.2011	95,0MB	6.0.230
Malwarebytes' Anti-Malware	Malwarebytes Corporation	10.05.2011	10,5MB	
Marvell Miniport Driver	Marvell	13.06.2010		11.22.3.3
Messenger Plus! 5	Yuna Software	08.04.2011		1.0.1.102
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	08.01.2011	38,8MB	4.0.30319
Microsoft Office 2010	Microsoft Corporation	13.06.2010	6,31MB	14.0.4763.1000
Microsoft Office Klick-und-Los 2010	Microsoft Corporation	29.01.2011		14.0.4763.1000
Microsoft Office Starter 2010 - Deutsch	Microsoft Corporation	29.01.2011		14.0.4763.1000
Microsoft Silverlight	Microsoft Corporation	20.04.2011	114,3MB	4.0.60310.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	04.02.2011	1,70MB	3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	08.01.2011	0,25MB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	13.06.2010	0,42MB	8.0.56336
Microsoft Visual C++ 2005 Redistributable - KB2467175	Microsoft Corporation	04.05.2011	0,30MB	8.0.51011
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	26.04.2011	0,58MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	21.01.2011	0,58MB	9.0.30729.4148
Mozilla Firefox 4.0.1 (x86 de)	Mozilla	30.04.2011	32,8MB	4.0.1
Mozilla Thunderbird (3.1.10)	Mozilla	30.04.2011		3.1.10 (de)
Mp3tag v2.48	Florian Heidenreich	06.02.2011		v2.48
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	22.04.2011	35,00KB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	22.04.2011	1,33MB	4.20.9876.0
Nokia Connectivity Cable Driver	Nokia	21.04.2011	3,27MB	7.1.36.0
Nokia Ovi Suite	Nokia	21.04.2011		3.0.0.290
Nokia Ovi Suite Software Updater	Nokia Corporation	21.04.2011	43,4MB	02.06.006.44298
Paint.NET v3.5.8	dotPDN LLC	07.03.2011	10,4MB	3.58.0
PC Connectivity Solution	Nokia	21.04.2011	12,9MB	10.50.2.0
QuickTime	Apple Inc.	10.03.2011	73,7MB	7.69.80.9
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	13.06.2010		6.0.1.6003
Samsung Recovery Solution 4	Samsung	13.06.2010		4.0.0.6
Samsung Support Center	Samsung	13.06.2010	45,8MB	1.0.2
Samsung Update Plus	Samsung Electronics Co., Ltd.	13.06.2010		2.0
Skype Toolbars	Skype Technologies S.A.	14.02.2011	7,08MB	5.0.4137
Skype™ 5.1	Skype Technologies S.A.	14.02.2011	22,7MB	5.1.112
Synaptics Pointing Device Driver	Synaptics Incorporated	06.01.2011		15.0.10.0
TeamViewer 6	TeamViewer GmbH	29.01.2011		6.0.10194
Vodafone Mobile Connect Lite	Vodafone	26.04.2011	32,1MB	9.4.4.17702
Winamp	Nullsoft, Inc	03.04.2011		5.61 
Winamp Erkennungs-Plug-in	Nullsoft, Inc	03.04.2011	75,00KB	1.0.0.1
Winamp Offizielle Deutsche Sprachdatei Plus v5.60.1	Christoph Grether	06.02.2011		v5.60.1
Windows Live Essentials	Microsoft Corporation	05.02.2011		15.4.3508.1109
Windows Live Mesh ActiveX control for remote connections	Microsoft Corporation	06.01.2011	5,58MB	15.4.5722.2
Windows Live Sync	Microsoft Corporation	04.02.2011	2,79MB	14.0.8117.416
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)	Nokia	21.04.2011		08/22/2008 7.0.0.0
         
__________________

Geändert von Baileys (11.05.2011 um 16:00 Uhr) Grund: log hinzugefügt

 

Themen zu TR/Kazy.mekml.1 - was tun?
antivir, audiograbber, autorun, avgntflt.sys, avira, babylon toolbar, babylontoolbar, bho, bonjour, desktop, error, fehler, firefox, flash player, gruppe, home, install.exe, installation, launch, location, logfile, microsoft office starter 2010, mozilla, mozilla thunderbird, mp3, object, oldtimer, plug-in, problem, realtek, registry, richtlinie, rogue.installer.gen, rundll, scan, sched.exe, searchplugins, security, shell32.dll, software, start menu, sweetim, taskhost.exe, trojan.agent.u, vodafone, was tun, webcheck, windows, windows live mesh




Ähnliche Themen: TR/Kazy.mekml.1 - was tun?


  1. TR/Kazy.mekml.1 ; 'TR/FakeSysdef.A.621 ; 'TR/Kazy.22847'..
    Log-Analyse und Auswertung - 15.05.2011 (33)
  2. TR/Kazy.mekml.1
    Log-Analyse und Auswertung - 06.05.2011 (1)
  3. Tr/kazy.mekml.1
    Log-Analyse und Auswertung - 03.05.2011 (13)
  4. TR/Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 02.05.2011 (2)
  5. TR/Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 01.05.2011 (37)
  6. TR/Kazy.mekml.1 - OTL Fix?
    Log-Analyse und Auswertung - 01.05.2011 (17)
  7. TR/Kazy.mekml.1 ... SOS
    Plagegeister aller Art und deren Bekämpfung - 30.04.2011 (34)
  8. TR/kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 29.04.2011 (10)
  9. TR/kazy.mekml.1
    Mülltonne - 26.04.2011 (0)
  10. TR/Kazy.mekml.1
    Log-Analyse und Auswertung - 26.04.2011 (1)
  11. Osterei: TR/Kazy.mekml.1 und TR/Kazy.20364
    Log-Analyse und Auswertung - 25.04.2011 (1)
  12. tr/kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 23.04.2011 (9)
  13. kazy.mekml.1
    Log-Analyse und Auswertung - 23.04.2011 (3)
  14. TR/Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 22.04.2011 (6)
  15. TR/Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 22.04.2011 (11)
  16. TR/kazy.mekml.1
    Log-Analyse und Auswertung - 20.04.2011 (16)
  17. TR/Kazy.mekml.1
    Plagegeister aller Art und deren Bekämpfung - 18.04.2011 (4)

Zum Thema TR/Kazy.mekml.1 - was tun? - Hallo und schonmal Danke schön für deine Hilfe. Habe alles so gemacht (hoffe es passt alles), wie du es beschrieben hast und hier hast du die Ergebnisse. Code: Alles auswählen - TR/Kazy.mekml.1 - was tun?...
Archiv
Du betrachtest: TR/Kazy.mekml.1 - was tun? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.