- #21
tensal47
OTL 4
========== Files - Modified Within 30 Days ==========
[2013.01.31 19:58:00 | 000,001,110 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.31 19:55:01 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.01.31 17:35:10 | 000,000,512 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 1aa86882-4815-49ac-9277-c482c030ea07.job
[2013.01.31 16:22:04 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.31 16:22:04 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.31 16:14:52 | 000,001,106 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.31 16:14:26 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.01.31 16:14:17 | 3113,365,504 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.31 15:56:20 | 000,002,259 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.01.31 15:21:28 | 000,000,512 | ---- | M] () -- C:\Users\*****\Desktop\MBR.dat
[2013.01.31 06:45:38 | 000,000,512 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 291d4281-ed11-4e49-bbff-c42dcccf077f.job
[2013.01.29 18:13:15 | 000,001,034 | ---- | M] () -- C:\windows\SysNative\.crusader
[2013.01.29 17:25:12 | 412,507,637 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013.01.26 15:17:08 | 000,001,016 | ---- | M] () -- C:\Users\*****\Desktop\Dropbox.lnk
[2013.01.14 21:12:19 | 001,617,258 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.01.14 21:12:19 | 000,695,412 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.01.14 21:12:19 | 000,658,040 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.01.14 21:12:19 | 000,146,452 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.01.14 21:12:19 | 000,123,034 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.01.11 06:58:09 | 000,435,224 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.01.09 13:56:29 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.01.09 13:56:29 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Users\*****\Desktop\*.tmp files -> C:\Users\*****\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.01.31 15:56:20 | 000,002,259 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.01.31 15:53:39 | 000,001,110 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.31 15:53:38 | 000,001,106 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.31 15:21:28 | 000,000,512 | ---- | C] () -- C:\Users\*****\Desktop\MBR.dat
[2013.01.30 17:35:25 | 000,000,512 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 291d4281-ed11-4e49-bbff-c42dcccf077f.job
[2013.01.30 17:35:25 | 000,000,512 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 1aa86882-4815-49ac-9277-c482c030ea07.job
[2013.01.29 18:13:15 | 000,001,034 | ---- | C] () -- C:\windows\SysNative\.crusader
[2013.01.29 17:23:20 | 412,507,637 | ---- | C] () -- C:\windows\MEMORY.DMP
[2012.01.09 19:05:45 | 000,003,584 | ---- | C] () -- C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.16 18:50:29 | 000,080,896 | ---- | C] () -- C:\windows\cadkasdeinst01.exe
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
= C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
ThreadingModel = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
= %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
ThreadingModel = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
= C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
ThreadingModel = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
= %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
ThreadingModel = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
= C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
ThreadingModel = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
[2013.01.31 19:58:00 | 000,001,110 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.31 19:55:01 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.01.31 17:35:10 | 000,000,512 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 1aa86882-4815-49ac-9277-c482c030ea07.job
[2013.01.31 16:22:04 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.31 16:22:04 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.31 16:14:52 | 000,001,106 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.31 16:14:26 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.01.31 16:14:17 | 3113,365,504 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.31 15:56:20 | 000,002,259 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.01.31 15:21:28 | 000,000,512 | ---- | M] () -- C:\Users\*****\Desktop\MBR.dat
[2013.01.31 06:45:38 | 000,000,512 | ---- | M] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 291d4281-ed11-4e49-bbff-c42dcccf077f.job
[2013.01.29 18:13:15 | 000,001,034 | ---- | M] () -- C:\windows\SysNative\.crusader
[2013.01.29 17:25:12 | 412,507,637 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013.01.26 15:17:08 | 000,001,016 | ---- | M] () -- C:\Users\*****\Desktop\Dropbox.lnk
[2013.01.14 21:12:19 | 001,617,258 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.01.14 21:12:19 | 000,695,412 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.01.14 21:12:19 | 000,658,040 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.01.14 21:12:19 | 000,146,452 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.01.14 21:12:19 | 000,123,034 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.01.11 06:58:09 | 000,435,224 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.01.09 13:56:29 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.01.09 13:56:29 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Users\*****\Desktop\*.tmp files -> C:\Users\*****\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.01.31 15:56:20 | 000,002,259 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.01.31 15:53:39 | 000,001,110 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.31 15:53:38 | 000,001,106 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.31 15:21:28 | 000,000,512 | ---- | C] () -- C:\Users\*****\Desktop\MBR.dat
[2013.01.30 17:35:25 | 000,000,512 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 291d4281-ed11-4e49-bbff-c42dcccf077f.job
[2013.01.30 17:35:25 | 000,000,512 | ---- | C] () -- C:\windows\tasks\SUPERAntiSpyware Scheduled Task 1aa86882-4815-49ac-9277-c482c030ea07.job
[2013.01.29 18:13:15 | 000,001,034 | ---- | C] () -- C:\windows\SysNative\.crusader
[2013.01.29 17:23:20 | 412,507,637 | ---- | C] () -- C:\windows\MEMORY.DMP
[2012.01.09 19:05:45 | 000,003,584 | ---- | C] () -- C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.16 18:50:29 | 000,080,896 | ---- | C] () -- C:\windows\cadkasdeinst01.exe
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
= C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
ThreadingModel = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
= %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
ThreadingModel = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
= C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
ThreadingModel = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
= %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
ThreadingModel = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
= C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
ThreadingModel = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >