
Log analysis and evaluation: Windows locked - Virus Windows Vista

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

12.02.2012, 20:32   #1
Bellastella
 
Windows locked - Virus Windows Vista



OTL Logfile:
Code:
OTL logfile created on: 12.02.2012 20:26:02 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Roland\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,62 Gb Available Physical Memory | 81,11% Memory free
4,23 Gb Paging File | 3,99 Gb Available in Paging File | 94,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,83 Gb Total Space | 135,47 Gb Free Space | 58,18% Space Free | Partition Type: NTFS
Drive D: | 222,77 Gb Total Space | 95,48 Gb Free Space | 42,86% Space Free | Partition Type: NTFS
Drive E: | 10,00 Gb Total Space | 6,17 Gb Free Space | 61,71% Space Free | Partition Type: NTFS
 
Computer Name: OREMEK-PC | User Name: Jessy | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Roland\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe (Adobe Systems Incorporated)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\HelpPane.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll ()
MOD - c:\Program Files\Adobe\Reader 9.0\Reader\RdLang32.DEU ()
MOD - C:\Program Files\Adobe\Reader 9.0\Reader\sqlite.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (SearchAnonymizer) -- C:\Users\Jessy\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe ()
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (RRNetCapMP) -- C:\Windows\System32\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV - (RRNetCap) -- C:\Windows\System32\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (PzWDM) -- C:\Windows\System32\Drivers\PzWDM.sys (Prassi Technology)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Conduit Search
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398&ilc=12"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://de.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.7
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.5
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.7
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: finder@meingutscheincode.de:3.0.2
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@echospin.com/esProxy: C:\Program Files\echospin\npesProxy.dll (Echospin LLC)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Jessy\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.02.22 16:34:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.02.22 16:34:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.22 09:38:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.22 09:38:27 | 000,000,000 | ---D | M]
 
[2011.06.10 19:37:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jessy\AppData\Roaming\mozilla\Extensions
[2011.06.10 19:37:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jessy\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.02.05 16:23:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jessy\AppData\Roaming\mozilla\Firefox\Profiles\98iz4bra.default\extensions
[2009.12.19 11:45:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jessy\AppData\Roaming\mozilla\Firefox\Profiles\98iz4bra.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.07.25 21:03:31 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jessy\AppData\Roaming\mozilla\Firefox\Profiles\98iz4bra.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.08.07 12:12:09 | 000,002,077 | ---- | M] () -- C:\Users\Jessy\AppData\Roaming\Mozilla\Firefox\Profiles\98iz4bra.default\searchplugins\{61417F75-6129-4A95-ACC3-1C8189F25F27}.xml
[2011.08.07 12:12:09 | 000,002,188 | ---- | M] () -- C:\Users\Jessy\AppData\Roaming\Mozilla\Firefox\Profiles\98iz4bra.default\searchplugins\{9629606A-4BBE-4EC8-96BD-47CDB371AEB8}.xml
[2011.08.07 12:12:09 | 000,001,870 | ---- | M] () -- C:\Users\Jessy\AppData\Roaming\Mozilla\Firefox\Profiles\98iz4bra.default\searchplugins\{F8476CA6-B5C5-4190-BF25-709B88BD4A92}.xml
[2011.12.30 20:46:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\JESSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\98IZ4BRA.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI
[2011.12.21 08:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.04.12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.21 06:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.12.21 06:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.21 06:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.21 06:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.21 06:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Ocs_SM] C:\Users\Jessy\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ffdwnd] C:\Users\Jessy\AppData\Local\Mozilla\Firefox\firefox.exe (Tomasz Pawlak)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Jessy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{098BFF21-D927-436A-AA9D-14CDAE8140E5}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jessy\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jessy\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2c7d71a2-164b-11df-a27f-001d0979ea92}\Shell\AutoRun\command - "" = G:\EmDesk.exe
O33 - MountPoints2\{2c7d71a2-164b-11df-a27f-001d0979ea92}\Shell\EmDesk\command - "" = G:\EmDesk.exe
O33 - MountPoints2\{abc05d87-f8a1-11df-855b-001d0979ea92}\Shell - "" = AutoRun
O33 - MountPoints2\{abc05d87-f8a1-11df-855b-001d0979ea92}\Shell\AutoRun\command - "" = H:\USBAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk /r \??\L:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.12 16:22:51 | 000,000,000 | ---D | C] -- C:\Users\Jessy\Desktop\la
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.12 20:24:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.12 20:22:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{EBA5D837-372C-4F56-81C8-316D7867B4BB}.job
[2012.02.12 20:21:44 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.02.12 20:21:22 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.12 20:21:22 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.12 20:19:59 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D95E554B-2ACA-4CE5-A54D-26C48D33C3B0}.job
[2012.02.12 15:09:19 | 000,014,741 | ---- | M] () -- C:\Users\Jessy\Desktop\KURSWAHL.odt
[2012.02.12 15:08:11 | 000,013,468 | ---- | M] () -- C:\Users\Jessy\Desktop\Stundenplan.odt
[2012.02.10 17:11:50 | 000,168,448 | ---- | M] () -- C:\Users\Jessy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.05 16:21:55 | 000,000,218 | ---- | M] () -- C:\Users\Jessy\.recently-used.xbel
[2012.01.28 15:18:28 | 000,683,556 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.28 15:18:28 | 000,642,114 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.28 15:18:28 | 000,148,692 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.28 15:18:28 | 000,122,068 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.27 00:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
 
========== Files Created - No Company Name ==========
 
[2012.02.12 15:08:10 | 000,013,468 | ---- | C] () -- C:\Users\Jessy\Desktop\Stundenplan.odt
[2012.02.12 14:56:27 | 000,014,741 | ---- | C] () -- C:\Users\Jessy\Desktop\KURSWAHL.odt
[2012.02.05 16:21:55 | 000,000,218 | ---- | C] () -- C:\Users\Jessy\.recently-used.xbel
[2011.12.11 10:59:44 | 000,000,089 | ---- | C] () -- C:\Windows\Ldoce.ini
[2011.11.29 18:20:59 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011.11.29 18:20:59 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011.07.27 11:39:37 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.07.27 11:39:37 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.07.10 21:15:50 | 000,000,028 | ---- | C] () -- C:\Windows\Robota.INI
[2011.07.10 20:44:08 | 000,007,168 | ---- | C] () -- C:\Windows\libDSPXUtils.dll
[2010.08.31 11:27:36 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.07.26 09:55:48 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.07.11 14:30:09 | 000,000,221 | ---- | C] () -- C:\Windows\NCLogConfig.ini
[2010.05.13 09:53:00 | 000,000,381 | ---- | C] () -- C:\Windows\System32\HandBrakeCLI.exe.stackdump
[2010.02.28 19:25:12 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.01.16 16:29:47 | 000,078,636 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2009.12.13 16:20:16 | 000,000,722 | ---- | C] () -- C:\Windows\disney.ini
[2009.12.12 13:59:24 | 000,146,432 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2009.12.12 13:59:24 | 000,072,704 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2009.11.30 22:02:43 | 000,000,075 | ---- | C] () -- C:\Windows\NxvConverter.INI
[2009.11.30 21:56:41 | 000,593,920 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.11.30 21:56:41 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.11.30 21:56:40 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009.11.30 21:56:39 | 000,010,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.11.29 19:12:07 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.11.29 18:30:19 | 000,146,282 | ---- | C] () -- C:\Windows\hpoins18.dat
[2009.11.29 16:54:29 | 000,168,448 | ---- | C] () -- C:\Users\Jessy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.29 15:43:42 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2009.11.29 15:43:41 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.11.29 15:43:40 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.11.29 15:43:40 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009.11.29 15:43:40 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2007.04.27 09:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007.03.01 00:41:30 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2006.11.02 16:33:31 | 000,683,556 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 16:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 16:33:31 | 000,148,692 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 16:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,321,920 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,642,114 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,122,068 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[1997.11.17 17:13:16 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
 
========== LOP Check ==========
 
[2011.11.14 13:15:14 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\Audacity
[2011.07.10 21:12:57 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\DarkWave Studio
[2009.12.04 15:50:43 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\DeepBurner
[2011.09.05 12:08:22 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\DVDVideoSoft
[2011.03.27 19:26:42 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.06.21 13:46:18 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\Facebook
[2011.02.09 16:03:50 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\FreeAudioPack
[2010.01.30 21:53:13 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\FreeFLVConverter
[2011.07.10 21:06:15 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\GetRightToGo
[2009.12.05 10:37:45 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\GlarySoft
[2011.11.14 22:28:09 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\ICQ
[2010.03.12 17:02:56 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\iLike
[2011.12.16 12:20:11 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\Image Zone Express
[2012.02.05 16:22:04 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\inkscape
[2010.12.12 16:52:46 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\LG Electronics
[2012.01.01 23:47:13 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\LolClient
[2011.07.10 21:13:21 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\MAGIX
[2011.08.07 12:12:05 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\OCS
[2009.11.30 20:53:29 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\OpenOffice.org
[2011.08.07 12:12:10 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\Opera
[2009.12.16 13:55:12 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\Printer Info Cache
[2011.06.10 19:37:08 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\TomTom
[2011.11.27 16:58:12 | 000,000,000 | ---D | M] -- C:\Users\Jessy\AppData\Roaming\Vocup
[2012.02.12 20:21:44 | 000,000,314 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012.02.12 20:23:37 | 000,032,634 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.01.09 11:34:59 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0D735809-4C2E-4639-B28B-E21A6EABD2C8}.job
[2012.02.12 20:19:59 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{D95E554B-2ACA-4CE5-A54D-26C48D33C3B0}.job
[2012.02.12 20:22:00 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{EBA5D837-372C-4F56-81C8-316D7867B4BB}.job
 
========== Purity Check ==========
 
 

< End of report >
         