Trojaner-Board


maha 12.04.2012 16:49

Request for evaluation of my log file, Smart HDD

Hello everyone - unfortunately I also caught the Smart HDD virus yesterday.

Unfortunately, yesterday I downloaded several programs without really informing myself first, among others Spyware Doctor, Malwarebytes, ...

I may have managed to get rid of the virus, but not completely; that is, the virus scanner (avast) no longer reports anything, and Malwarebytes no longer reports anything either!

But I have the following problems: I cannot open my Outlook mail account; I get a message that a virus scanner may be monitoring the program, and Windows Update does not work either.

I have now run OTL - please help. Thanks.

OTL Logfile:
Code:

OTL logfile created on: 12.04.2012 17:20:18 - Run 1
OTL by OldTimer - Version 3.2.39.2    Folder = C:\Users\++++\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,82 Gb Available Physical Memory | 41,11% Memory free
4,24 Gb Paging File | 2,89 Gb Available in Paging File | 68,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,85 Gb Total Space | 4,39 Gb Free Space | 14,69% Space Free | Partition Type: NTFS
Drive D: | 430,02 Gb Total Space | 138,63 Gb Free Space | 32,24% Space Free | Partition Type: NTFS
 
Computer Name: ++++PC | User Name: ++++ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\++++\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Programme\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe (Seagate Technology LLC)
PRC - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\WinRAR\RarExt.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (ThreatFire) -- C:\Program Files\PC Tools\PC Tools Security\TFEngine\TFService.exe service File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (avast! Antivirus) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (UMVPFSrv) -- C:\Programme\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (FreeAgentGoFlex Service) -- C:\Programme\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe (Seagate Technology LLC)
SRV - (LVPrcSrv) -- C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (TFSysMon) -- system32\drivers\TfSysMon.sys File not found
DRV - (TfNetMon) -- C:\Windows\system32\drivers\TfNetMon.sys File not found
DRV - (TfFsMon) -- system32\drivers\TfFsMon.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (MpKsl45d7fc1c) -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{816920C4-18DF-4AC1-AB64-B7294B35619B}\MpKsl45d7fc1c.sys File not found
DRV - (MpKsl021df19d) -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{327A5EB5-8891-49A5-BD18-4C698AF8E495}\MpKsl021df19d.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV - (dgderdrv) -- System32\drivers\dgderdrv.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (pctgntdi) -- C:\Windows\System32\drivers\pctgntdi.sys (PC Tools)
DRV - (sscemdm) -- C:\Windows\System32\drivers\sscemdm.sys (MCCI Corporation)
DRV - (sscebus) SAMSUNG USB Composite Device V2 driver (WDM) -- C:\Windows\System32\drivers\sscebus.sys (MCCI Corporation)
DRV - (sscemdfl) -- C:\Windows\System32\drivers\sscemdfl.sys (MCCI Corporation)
DRV - (pctDS) -- C:\Windows\System32\drivers\pctDS.sys (PC Tools)
DRV - (PCTCore) -- C:\Windows\System32\drivers\PCTCore.sys (PC Tools)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (LVUVC) Logitech Webcam 905(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (Ph3xIB32) -- C:\Windows\System32\drivers\Ph3xIB32.sys (Philips Semiconductors GmbH)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm60x32.sys (NVIDIA Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.krone.at/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\MAHA\AppData\Roaming\IDM\idmmzcc5
 
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B7E03F6-822F-4D01-BF07-12D946DA4F14}: DhcpNameServer = 195.34.133.21 212.186.211.21
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\++++\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\++++AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.04.12 17:07:03 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.04.12 13:06:34 | 000,000,000 | ---D | C] -- C:\Users\++++\AppData\Roaming\Malwarebytes
[2012.04.12 13:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.04.12 13:05:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.04.12 13:05:45 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.04.12 13:05:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.04.12 04:35:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\WCID
[2012.04.11 20:03:55 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012.04.11 17:10:24 | 000,056,840 | R--- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTBD.sys
[2012.04.11 17:10:23 | 002,250,704 | R--- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2012.04.11 17:10:23 | 001,681,360 | R--- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2012.04.11 17:10:23 | 000,149,456 | R--- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2012.04.11 17:09:28 | 000,253,352 | R--- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2012.04.11 17:09:28 | 000,107,864 | R--- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2012.04.11 17:09:23 | 000,017,848 | R--- | C] (PC Tools) -- C:\Windows\System32\drivers\pctBTFix.sys
[2012.04.11 17:09:21 | 000,070,536 | R--- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2012.04.11 17:08:17 | 000,909,728 | R--- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2012.04.11 17:08:17 | 000,342,168 | R--- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2012.04.11 17:08:11 | 000,331,880 | R--- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2012.04.11 17:08:11 | 000,185,560 | R--- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
[2012.04.11 17:08:11 | 000,162,584 | R--- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2012.04.11 17:08:00 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012.04.11 17:07:59 | 000,000,000 | ---D | C] -- C:\Users\++++\AppData\Roaming\TestApp
[2012.04.07 12:48:38 | 000,418,464 | R--- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.04.07 12:48:38 | 000,070,304 | R--- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.04.07 10:24:55 | 000,000,000 | ---D | C] -- C:\Users\++++\AppData\Roaming\Mozilla
[2012.04.07 09:54:21 | 000,000,000 | ---D | C] -- C:\Users\++++\AppData\Roaming\JonDo
[2012.04.07 09:52:03 | 000,472,808 | R--- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.03.14 12:51:16 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.03.14 12:51:16 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.03.14 12:51:16 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.03.14 12:51:16 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.03.14 12:51:16 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.04.12 17:07:03 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.04.12 16:58:56 | 000,228,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.04.12 13:05:47 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.12 12:51:27 | 000,023,831 | ---- | M] () -- C:\LDB_20120405001
[2012.04.11 19:38:08 | 000,003,664 | R--- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.11 19:38:07 | 000,003,664 | R--- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.11 19:37:15 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.04.11 19:28:48 | 002,734,137 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2012.04.11 19:21:16 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.11 19:09:23 | 000,628,504 | R--- | M] () -- C:\Windows\System32\perfh007.dat
[2012.04.11 19:09:23 | 000,595,798 | R--- | M] () -- C:\Windows\System32\perfh009.dat
[2012.04.11 19:09:23 | 000,126,054 | R--- | M] () -- C:\Windows\System32\perfc007.dat
[2012.04.11 19:09:23 | 000,103,872 | R--- | M] () -- C:\Windows\System32\perfc009.dat
[2012.04.11 19:04:34 | 000,001,090 | R--- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.04.11 19:04:20 | 000,067,584 | R-S- | M] () -- C:\Windows\bootstat.dat
[2012.04.11 17:38:09 | 000,000,680 | R--- | M] () -- C:\Users\\++++AppData\Local\d3d9caps.dat
[2012.04.11 14:08:50 | 000,002,577 | R--- | M] () -- C:\Windows\System32\config.nt
[2012.04.09 18:54:03 | 000,179,200 | R--- | M] () -- C:\Users\++++\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.09 17:35:51 | 000,000,000 | R--- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2012.04.08 18:38:16 | 000,418,464 | R--- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.04.08 18:38:16 | 000,070,304 | R--- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.04.07 09:51:40 | 000,472,808 | R--- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2012.04.12 16:58:45 | 000,228,296 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.04.12 13:05:47 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.04.12 12:51:26 | 000,023,831 | ---- | C] () -- C:\LDB_20120405001
[2012.04.11 19:28:14 | 002,734,137 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2012.04.11 17:10:24 | 000,767,952 | R--- | C] () -- C:\Windows\BDTSupport.dll
[2012.04.11 17:10:23 | 000,003,488 | R--- | C] () -- C:\Windows\UDB.zip
[2012.04.11 17:10:23 | 000,000,882 | R--- | C] () -- C:\Windows\RegSDImport.xml
[2012.04.11 17:10:23 | 000,000,879 | R--- | C] () -- C:\Windows\RegISSImport.xml
[2012.04.11 17:10:23 | 000,000,131 | R--- | C] () -- C:\Windows\IDB.zip
[2012.04.07 12:48:39 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.01.31 09:08:45 | 000,175,616 | R--- | C] () -- C:\Windows\System32\unrar.dll
[2011.06.13 13:53:00 | 000,000,680 | R--- | C] () -- C:\Users\++++\AppData\Local\d3d9caps.dat
[2011.05.07 15:25:53 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.01 05:07:02 | 010,877,272 | R--- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011.04.01 05:07:02 | 000,102,744 | R--- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011.04.01 05:06:56 | 000,331,608 | R--- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011.04.01 04:56:00 | 000,027,872 | R--- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011.02.27 18:25:30 | 000,027,648 | R--- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.02.26 11:49:08 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.02.23 17:28:45 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.02.23 17:28:45 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.02.22 22:01:52 | 000,179,200 | R--- | C] () -- C:\Users\++++\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.29 18:00:22 | 000,974,848 | R--- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.01.29 18:00:22 | 000,081,920 | R--- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.01.29 18:00:22 | 000,065,536 | R--- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.01.29 18:00:22 | 000,057,344 | R--- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
 
========== LOP Check ==========
 
[2011.11.05 13:36:12 | 000,000,000 | ---D | M] -- C:\Users\++++\AppData\Roaming\DMCache
[2012.04.07 10:05:27 | 000,000,000 | ---D | M] -- C:\Users\++++\AppData\Roaming\JonDo
[2011.08.17 14:42:02 | 000,000,000 | ---D | M] -- C:\Users\++++\AppData\Roaming\Leadertech
[2012.02.04 15:50:30 | 000,000,000 | ---D | M] -- C:\Users\++++\AppData\Roaming\Samsung
[2011.11.26 13:52:06 | 000,000,000 | ---D | M] -- C:\Users\++++\AppData\Roaming\Temp
[2011.03.01 16:10:35 | 000,000,000 | ---D | M] -- C:\Users\++++\AppData\Roaming\TerraTec
[2012.04.11 17:07:59 | 000,000,000 | ---D | M] -- C:\Users\++++\AppData\Roaming\TestApp
[2012.04.11 19:38:01 | 000,032,606 | R--- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 64 bytes -> C:\Users\++++\Desktop\V240709_20.34.AVI:TOC.WMV
@Alternate Data Stream - 584 bytes -> C:\Users\++++\Documents\rtret.eml:OECustomProperty
@Alternate Data Stream - 510 bytes -> C:\Users\++++\Documents\kkk.eml:OECustomProperty
@Alternate Data Stream - 510 bytes -> C:\Users\++++\Documents\56.eml:OECustomProperty
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

--- --- ---

cosinus 12.04.2012 20:45

Quote:

Unfortunately, yesterday I downloaded several programs without really informing myself first, among others Spyware Doctor, Malwarebytes, ...

Without the logs from Malwarebytes and co., this is going nowhere. :glaskugel:
Everything from Malwarebytes (and any other scanners) has to be posted here.

Please post everything here in CODE tags if possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

maha 14.04.2012 06:52

Hello, thanks, this can be closed. I have reinstalled my PC from scratch!


All times are WET +1.
