Benötige BKA OTL.txt fix Hallo,
ich bitte um Hilfe!
Hier die OTL.txt habe keine Extra.txt
Vielen Danke im Voraus
Lg David
OTL Logfile: Code:
OTL logfile created on: 8/7/2011 1:39:07 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Ultimate Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 62.24 Gb Free Space | 26.73% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2011/08/04 02:26:22 | 000,026,112 | ---- | M] () [Auto] -- C:\ProgramData\QuestScan\questscan171.exe -- (QuestScan Service)
SRV - [2011/07/14 21:26:20 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/06/06 06:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/11/11 07:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010/11/11 07:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/01/20 22:21:41 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/24 05:02:16 | 000,358,936 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - [2011/08/06 18:03:07 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6D0C3405-7DE8-453E-B8E3-DE98A0E34F49}\MpKslc3e807e8.sys -- (MpKslc3e807e8)
DRV - [2010/10/24 16:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/24 16:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2008/04/30 13:10:00 | 007,448,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/10/02 14:53:02 | 000,220,696 | ---- | M] (Intel Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\iaNvStor.sys -- (iaNvStor) Intel(R)
DRV - [2007/09/26 08:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007/07/30 21:39:00 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2007/04/11 19:18:34 | 000,048,000 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2007/03/21 17:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 09:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 11:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/02 03:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/11/02 03:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006/02/07 14:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot] -- C:\Windows\System32\drivers\JGOGO.sys -- (JGOGO)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 7F D0 33 C5 4D CC 01 [binary data]
IE - HKU\user_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\user_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\user_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\searchpredict@speedbit.com: C:\Program Files\SearchPredict\PRFireFox [2011/03/08 19:44:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SpeedBit Video Downloader\SPFireFox [2011/03/08 19:44:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/04/04 14:02:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/04/04 14:02:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com: C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions [2011/08/03 19:14:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\10.0.701.0\firefox\extensions [2011/08/03 19:15:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/25 09:14:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/03 19:15:10 | 000,000,000 | ---D | M]
[2011/08/04 07:49:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/21 09:06:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/08/04 07:49:14 | 000,000,000 | ---D | M] (QuestScan) -- C:\Program Files\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}
[2011/03/08 07:14:58 | 000,000,000 | ---D | M] (Yummy Games Player) -- C:\Program Files\Mozilla Firefox\extensions\YPlayer@yummy(2).net
[2011/03/19 09:38:29 | 000,000,000 | ---D | M] (Yummy Games Player) -- C:\Program Files\Mozilla Firefox\extensions\YPlayer@yummy.net
[2011/01/21 09:06:29 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[1999/12/31 11:00:00 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2011/03/10 06:07:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/03/10 06:07:15 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/03/10 06:07:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/03/10 06:07:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/03/10 06:07:15 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (SBCONVERT Class) - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files\SearchPredict\SearchPredict.dll (Speedbit Ltd.)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Download Accelerator Plus Integration) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SpeedBit Video Downloader\Toolbar\Grabber.dll (Speedbit Ltd.)
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKU\user_ON_C\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\user_ON_C..\Run: [{B242EE9E-F653-A1E3-723D-C3CC502A479E}] C:\Users\user\AppData\Roaming\Xepose\ezamp.exe ()
O4 - HKU\user_ON_C..\Run: [avupdate] C:\Users\user\AppData\Roaming\jashla.exe (Riviera Knoxville Rowland Dominican Tarbell Byrd)
O4 - HKU\user_ON_C..\Run: [DownloadAccelerator] C:\Program Files\DAP\DAP.EXE (SpeedBit Ltd.)
O4 - HKU\user_ON_C..\Run: [packsdns] C:\Users\user\AppData\Roaming\packsdns.exe ()
O4 - HKU\user_ON_C..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: Error locating startup folders.
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/08/06 16:39:54 | 000,134,144 | ---- | C] (Riviera Knoxville Rowland Dominican Tarbell Byrd) -- C:\Users\user\AppData\Roaming\jashla.exe
[2011/08/04 08:46:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Xepose
[2011/08/04 08:46:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Pexee
[2011/08/03 19:15:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato
[2011/08/03 19:15:07 | 000,000,000 | ---D | C] -- C:\ProgramData\ClickPotatoLiteSA
[2011/08/03 19:15:07 | 000,000,000 | ---D | C] -- C:\Program Files\ClickPotatoLite
[2011/08/03 19:15:07 | 000,000,000 | ---D | C] -- C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[2011/08/03 19:15:01 | 000,000,000 | ---D | C] -- C:\ProgramData\QuestScan
[2011/08/03 19:15:01 | 000,000,000 | ---D | C] -- C:\Program Files\QuestScan
[2011/08/03 19:14:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports
[2011/08/03 19:14:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\ShopperReports3
[2011/08/03 19:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\ShopperReports3
[2011/07/29 03:51:38 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\ari
[2011/07/21 18:58:30 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\Foto Lara Thesis
[2011/07/21 09:53:07 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrintKey2000
[2011/07/21 09:53:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintKey2000
[2011/07/21 09:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\PrintKey2000
[2011/07/20 11:22:39 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\Master Thesis Lara
[2011/07/16 07:08:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFTK Builder
[2011/07/16 07:08:01 | 000,000,000 | ---D | C] -- C:\Program Files\PDFTK Builder
[2011/07/16 07:07:08 | 002,790,572 | ---- | C] ( ) -- C:\Users\user\Desktop\pdftkb_setup.exe
[2011/07/16 06:43:18 | 000,000,000 | ---D | C] -- C:\ProgramData\PDF Writer
[2011/07/16 06:43:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\PDF Writer
[2011/07/16 06:43:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\PDF Writer
[2011/07/16 06:40:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
[2011/07/16 06:39:59 | 000,227,840 | ---- | C] (Bullzip) -- C:\Windows\System32\bzFlRdr.dll
[2011/07/16 06:39:59 | 000,135,168 | ---- | C] (Bullzip) -- C:\Windows\System32\bzpdfc.dll
[2011/07/16 06:39:59 | 000,103,424 | ---- | C] (Bullzip) -- C:\Windows\System32\bzDCT.dll
[2011/07/16 06:39:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bullzip
[2011/07/16 06:39:56 | 000,196,096 | ---- | C] (Bullzip) -- C:\Windows\System32\bzpdf.dll
[2011/07/16 06:39:52 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.OCX
[2011/07/16 06:39:52 | 000,000,000 | ---D | C] -- C:\Program Files\Bullzip
[2011/07/14 03:46:29 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/07/14 03:46:24 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/07/14 03:46:24 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
========== Files - Modified Within 30 Days ==========
[2011/08/06 18:08:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/06 18:03:57 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/06 18:03:56 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/06 18:03:45 | 000,027,744 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/08/06 18:03:15 | 000,027,744 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/08/06 18:02:58 | 2146,754,560 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/06 17:06:42 | 000,629,856 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011/08/06 17:06:42 | 000,597,486 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/06 17:06:42 | 000,126,870 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011/08/06 17:06:42 | 000,104,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/06 16:59:49 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/08/06 16:51:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3753371471-851752056-4280299466-1000UA.job
[2011/08/06 16:40:03 | 000,134,144 | ---- | M] (Riviera Knoxville Rowland Dominican Tarbell Byrd) -- C:\Users\user\AppData\Roaming\jashla.exe
[2011/08/06 15:09:41 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3753371471-851752056-4280299466-1000Core.job
[2011/08/03 19:15:10 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato
[2011/08/03 19:14:52 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports
[2011/08/02 14:45:20 | 000,001,356 | ---- | M] () -- C:\Users\user\AppData\Local\d3d9caps.dat
[2011/07/21 09:53:08 | 000,000,810 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk
[2011/07/21 09:53:08 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2011/07/21 09:53:08 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintKey2000
[2011/07/21 09:52:51 | 000,577,612 | ---- | M] () -- C:\Users\user\Desktop\1311256060-1311263560-876758-B-37be1672b41b4ad8b1e4cc5e624fb33d.exe
[2011/07/16 07:08:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFTK Builder
[2011/07/16 07:07:45 | 002,790,572 | ---- | M] ( ) -- C:\Users\user\Desktop\pdftkb_setup.exe
[2011/07/16 06:40:00 | 000,000,912 | ---- | M] () -- C:\Users\user\Desktop\Bullzip PDF Printer.lnk
[2011/07/16 06:40:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
[2011/07/15 05:38:57 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/07/15 05:38:57 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/07/14 21:21:19 | 000,304,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/07/14 21:18:36 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/07/14 18:44:44 | 000,002,037 | ---- | M] () -- C:\Users\user\Desktop\Google Chrome.lnk
[2011/07/14 18:44:44 | 000,001,999 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/07/12 11:02:30 | 010,098,216 | ---- | M] () -- C:\Users\user\Desktop\_DSC2174.jpg
[2011/07/12 11:01:27 | 009,129,981 | ---- | M] () -- C:\Users\user\Desktop\_DSC2139.jpg
[2011/07/12 11:01:12 | 004,297,096 | ---- | M] () -- C:\Users\user\Desktop\_DSC2145.jpg
[2011/07/11 08:57:43 | 008,680,782 | ---- | M] () -- C:\Users\user\Desktop\CV Bob Turksma June 2011.pdf
[2011/07/11 08:52:53 | 047,823,286 | ---- | M] () -- C:\Users\user\Desktop\CV Bob Turksma June 2011_pdf.ps
========== Files Created - No Company Name ==========
[2011/08/06 18:02:58 | 2146,754,560 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/21 09:53:08 | 000,000,810 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk
[2011/07/21 09:52:49 | 000,577,612 | ---- | C] () -- C:\Users\user\Desktop\1311256060-1311263560-876758-B-37be1672b41b4ad8b1e4cc5e624fb33d.exe
[2011/07/16 06:40:00 | 000,000,912 | ---- | C] () -- C:\Users\user\Desktop\Bullzip PDF Printer.lnk
[2011/07/15 05:38:57 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011/07/15 05:38:57 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011/07/12 11:01:23 | 010,098,216 | ---- | C] () -- C:\Users\user\Desktop\_DSC2174.jpg
[2011/07/12 11:00:29 | 004,297,096 | ---- | C] () -- C:\Users\user\Desktop\_DSC2145.jpg
[2011/07/12 11:00:07 | 009,129,981 | ---- | C] () -- C:\Users\user\Desktop\_DSC2139.jpg
[2011/07/11 08:57:33 | 008,680,782 | ---- | C] () -- C:\Users\user\Desktop\CV Bob Turksma June 2011.pdf
[2011/07/11 08:52:53 | 047,823,286 | ---- | C] () -- C:\Users\user\Desktop\CV Bob Turksma June 2011_pdf.ps
[2011/06/26 14:33:13 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011/04/17 11:16:45 | 000,003,584 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/08 16:42:07 | 000,352,648 | ---- | C] () -- C:\Windows\System32\SysCheck2.dll
[2011/01/30 13:33:22 | 000,000,532 | ---- | C] () -- C:\Windows\eReg.dat
[2011/01/24 22:21:05 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/01/24 22:21:04 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/01/24 22:19:34 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/01/22 14:28:34 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/01/21 09:00:41 | 000,027,744 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/01/21 09:00:28 | 000,027,744 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011/01/20 07:41:04 | 000,001,356 | ---- | C] () -- C:\Users\user\AppData\Local\d3d9caps.dat
[2011/01/20 07:29:07 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/01/21 04:24:09 | 000,629,856 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/01/21 04:24:09 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/01/21 04:24:09 | 000,126,870 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/01/21 04:24:09 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008/01/20 22:23:41 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2008/01/20 22:23:01 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Roaming\packsdns.exe
[2007/10/02 14:52:14 | 000,167,936 | ---- | C] () -- C:\Windows\System32\nvccoin.dll
[2006/11/02 08:55:52 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:46:27 | 000,304,184 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,597,486 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,460 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/05/06 14:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
========== LOP Check ==========
[2011/03/07 14:14:06 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Kalypso Media
[2011/07/16 06:43:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PDF Writer
[2011/08/04 16:23:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Pexee
[2011/08/03 19:14:45 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ShopperReports3
[2011/05/27 16:42:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\The Creative Assembly
[2011/08/04 08:46:31 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Xepose
[2011/08/03 19:15:07 | 000,000,000 | ---D | M] -- C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[2011/01/21 15:10:52 | 000,000,000 | ---D | M] -- C:\ProgramData\Age of Empires 3
[2011/01/20 07:39:07 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 09:00:38 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/08/03 19:15:07 | 000,000,000 | ---D | M] -- C:\ProgramData\ClickPotatoLiteSA
[2006/11/02 09:00:38 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 09:00:38 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2011/01/20 07:39:07 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2011/01/20 07:39:07 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 09:00:38 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/07/16 06:43:18 | 000,000,000 | ---D | M] -- C:\ProgramData\PDF Writer
[2011/08/04 07:49:13 | 000,000,000 | ---D | M] -- C:\ProgramData\QuestScan
[2011/03/05 16:42:56 | 000,000,000 | ---D | M] -- C:\ProgramData\SpeedBit
[2006/11/02 09:00:38 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/01/20 07:39:07 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2011/08/06 18:03:41 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2006/11/02 09:00:38 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2011/01/20 07:39:07 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2011/01/21 09:12:11 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/08/06 16:59:49 | 000,031,370 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:2B11E0DF
< End of report > --- --- --- |