New to the forum, hope somebody can help me here.
Got a malware infection "Windows anti spyware 2011", since then Vista is not booting neither in normal nor in safe nor in any other mode.
Laptop is an Acer, don't have any Windows CDs/DVDs, but there is probably a hidden recovery folder or partition.
What I did already
1. Created OTLPE cd, system boots so can make scans and post logs if helpful (see log below)
2. Followed the unbootable system tutorial, created the AVG rescue cd, ran the scans and renamed the identified infected files
System is still not booting though. Read already quite a few posts like THIS and THIS one, but don't want to blindly follow instructions for other users.
Below is the OLTPE log, maybe thats helpful.
Thanks a lot in advance!
OTL logfile created on: 5/1/2011 7:54:40 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Windows Vista Ultimate Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 70.62 Gb Total Space | 7.99 Gb Free Space | 11.31% Space Free | Partition Type: NTFS
Drive D: | 70.61 Gb Total Space | 36.63 Gb Free Space | 51.88% Space Free | Partition Type: NTFS
Drive E: | 316.83 Mb Total Space | 39.47 Mb Free Space | 12.46% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004
========== Win32 Services (SafeList) ==========
SRV - [2011/04/15 07:36:02 | 001,378,040 | -H-- | M] (Lavasoft) [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/10/23 11:59:32 | 000,435,008 | ---- | M] (TuneUp Software) [On_Demand] -- D:\Programme\TuneUp\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/09/30 11:12:34 | 001,051,968 | ---- | M] (TuneUp Software) [Auto] -- D:\Programme\TuneUp\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/09/30 11:09:20 | 000,030,016 | -H-- | M] (TuneUp Software) [Auto] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008/10/16 11:26:20 | 000,860,160 | -H-- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/10/16 10:54:34 | 000,466,944 | -H-- | M] (Intel® Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2007/01/02 03:33:24 | 000,135,168 | -H-- | M] (acer) [Auto] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2006/11/17 10:56:32 | 000,101,152 | -H-- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- -- (dsltestSp5)
DRV - [2010/02/25 05:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand] -- D:\Programme\TuneUp\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/04/11 02:32:55 | 000,226,280 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2008/11/17 01:40:22 | 003,668,480 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel®
DRV - [2008/01/20 22:21:28 | 002,225,664 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2007/02/05 12:01:00 | 004,456,320 | -H-- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2006/11/20 12:02:42 | 000,847,392 | -H-- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lv321av.sys -- (lv321av) Logitech USB PC Camera (VC0321)
DRV - [2006/11/17 10:53:30 | 001,962,784 | -H-- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2006/11/02 03:30:56 | 000,044,544 | -H-- | M] (Realtek Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2004/10/08 04:51:08 | 001,270,540 | -H-- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Nils_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\Nils_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Nils_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Nils_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..extensions.enabledItems: [email protected]:0.19.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.8.0.4280
FF - prefs.js..extensions.enabledItems: {05BF52F6-A4F9-48B9-84ED-F8D83762E619}:0.5.3
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:2.0.0.0
FF - prefs.js..extensions.enabledItems: {A4732521-77D9-447E-A557-B279AC923F06}:0.6.5
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:3.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.3
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.7pre.080830
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.0.3
FF - prefs.js..extensions.enabledItems: {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.75
FF - prefs.js..extensions.enabledItems: {1a45a8a0-3278-11dd-bd11-0800200c9a66}:1.0.1
FF - prefs.js..extensions.enabledItems: {269FB356-C69F-7349-D092-AB28AF836D0E}:3.0.02
FF - prefs.js..extensions.enabledItems: {47e5a66c-0e35-11dc-8314-0800200c9a66}:3.0.1
FF - prefs.js..extensions.enabledItems: {c9c58820-7bd4-11da-a72b-0800200c9a66}:2.071508
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: D:\Programme\Online\Firefox\components [2010/12/20 06:39:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: D:\Programme\Online\Firefox\plugins [2010/12/20 06:39:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: D:\Programme\Online\Firefox 4\components [2011/04/25 13:36:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: D:\Programme\Online\Firefox 4\plugins
[2008/08/30 15:12:47 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\Mozilla\Extensions
[2011/04/29 14:10:25 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\mz979o3j.Standard-Benutzer\extensions
[2010/05/10 02:29:45 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\mz979o3j.Standard-Benutzer\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/09/03 15:12:43 | 000,000,000 | -H-D | M] (Aquatint Redone) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\mz979o3j.Standard-Benutzer\extensions\{47e5a66c-0e35-11dc-8314-0800200c9a66}
[2010/05/29 13:51:09 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\mz979o3j.Standard-Benutzer\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/03/23 18:20:25 | 000,000,000 | -H-D | M] ("BilderHerunterlader") -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\mz979o3j.Standard-Benutzer\extensions\{af2f0750-c598-4826-8e5f-bb98aab519a5}
[2010/03/13 14:22:39 | 000,000,000 | -H-D | M] (iPox) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\mz979o3j.Standard-Benutzer\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}
[2010/03/13 14:22:21 | 000,000,000 | -H-D | M] (Chromifox Basic) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\mz979o3j.Standard-Benutzer\extensions\[email protected]
[2009/11/13 16:39:26 | 000,000,000 | -H-D | M] (TVU Web Player) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\mz979o3j.Standard-Benutzer\extensions\[email protected]
[2011/03/26 10:23:19 | 000,000,000 | -H-D | M] (Cooliris) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\mz979o3j.Standard-Benutzer\extensions\[email protected]
[2010/03/13 14:22:38 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\mz979o3j.Standard-Benutzer\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}\chrome\mozapps\extensions
[2010/03/13 14:22:38 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\mz979o3j.Standard-Benutzer\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}\chrome\mozapps\extensions\CVS
[2010/12/31 13:59:42 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions
[2008/08/30 16:04:57 | 000,000,000 | -H-D | M] (New Tab Button on Tab Right) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\{05BF52F6-A4F9-48B9-84ED-F8D83762E619}
[2008/03/30 13:31:48 | 000,000,000 | -H-D | M] (MR Tech Disable XPI Install Delay) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\{0F25ED9F-9213-422D-9AB9-7DA9BD416FFA}
[2008/08/30 15:28:15 | 000,000,000 | -H-D | M] (Just Black (A Cylence theme for Firefox 3)) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\{1a45a8a0-3278-11dd-bd11-0800200c9a66}
[2008/08/30 15:31:30 | 000,000,000 | -H-D | M] (Strata Aero) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\{269FB356-C69F-7349-D092-AB28AF836D0E}
[2008/07/26 12:53:13 | 000,000,000 | -H-D | M] (PDF Download) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2008/06/16 16:37:03 | 000,000,000 | -H-D | M] (Aquatint Redone) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\{47e5a66c-0e35-11dc-8314-0800200c9a66}
[2010/12/31 13:59:42 | 000,000,000 | -H-D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2008/08/30 15:45:19 | 000,000,000 | -H-D | M] (Image Toolbar) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\{A4732521-77D9-447E-A557-B279AC923F06}
[2010/05/29 13:51:09 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2008/08/30 15:45:19 | 000,000,000 | -H-D | M] (DownloadHelper) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2008/08/30 15:18:09 | 000,000,000 | -H-D | M] (iPox) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}
[2008/06/19 16:41:43 | 000,000,000 | -H-D | M] (Download Statusbar) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2008/08/30 16:08:18 | 000,000,000 | -H-D | M] ("Tab Mix Plus") -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2008/06/08 09:53:18 | 000,000,000 | -H-D | M] (DownThemAll!) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2008/08/30 15:45:19 | 000,000,000 | -H-D | M] (CustomizeGoogle) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2008/08/30 15:49:06 | 000,000,000 | -H-D | M] (Ctrl-Tab) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\[email protected]
[2008/08/23 09:28:43 | 000,000,000 | -H-D | M] (PicLens) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\[email protected]
[2008/08/23 09:28:44 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nbo4frt5.default\extensions\[email protected]
[2008/06/21 05:18:55 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMME\ONLINE\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
[2008/07/29 13:33:42 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMME\ONLINE\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | -H-- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\Acrobat\Acrobat 7\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Watch for Browser Events) - {42A7CE31-CEE7-4CCE-A060-A44A7E52E062} - D:\Programme\Keyboard Express 3\kie.dll (Insight Software Solutions)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Programme\Acrobat\Acrobat 7\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Programme\Acrobat\Acrobat 7\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\Nils_ON_C\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Programme\Acrobat\Acrobat 7\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AcerOrbicamRibbon] C:\Program Files\OrbiCam.exe ()
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Acer Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Nils_ON_C..\Run: [GHWAUC6NNZ] File not found
O4 - HKLM..\RunOnce: [NoIE4StubProcessing] File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk = File not found
O4 - Startup: C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AWC.lnk = D:\Programme\Media\AWC\AWC.exe (Steve Murphy)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Nils_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKU\Nils_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - D:\Programme\Acrobat\Acrobat 7\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - D:\Programme\Acrobat\Acrobat 7\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - D:\Programme\Acrobat\Acrobat 7\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - D:\Programme\Acrobat\Acrobat 7\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Download with Xilisoft YouTube to iPod Converter - D:\Programme\Online\YouTube iPod\upod_link.HTM ()
O8 - Extra context menu item: In Adobe PDF konvertieren - D:\Programme\Acrobat\Acrobat 7\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - D:\Programme\Acrobat\Acrobat 7\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - D:\Programme\Acrobat\Acrobat 7\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - D:\Programme\Acrobat\Acrobat 7\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{c4de58cd-60d3-11df-a300-0016d350f8dc}\Shell\AutoRun\command - "" = F:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe
O33 - MountPoints2\{c4de58cd-60d3-11df-a300-0016d350f8dc}\Shell\open\command - "" = F:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system32.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/04/30 16:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/30 10:30:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/04/29 15:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/04/29 15:49:34 | 000,000,000 | -H-D | C] -- C:\Users\Nils\AppData\Roaming\GetRightToGo
[2011/04/29 15:37:03 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/04/29 15:37:03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/29 15:37:02 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/04/29 15:36:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/04/29 15:36:47 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/04/29 15:36:47 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/04/29 15:36:47 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/04/29 15:36:47 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/04/29 15:36:45 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/29 15:36:45 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/04/29 15:36:44 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/04/29 15:36:44 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/04/29 15:36:44 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/04/29 15:36:44 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/04/29 15:36:43 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/04/29 15:36:43 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/04/29 15:36:42 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/29 15:36:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/04/29 15:36:40 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/04/29 15:36:40 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/04/29 15:36:39 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/04/29 15:36:38 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/29 15:36:38 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/04/29 15:36:38 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/04/29 15:36:37 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/29 15:36:37 | 000,000,000 | -H-D | C] -- C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011/04/29 15:36:34 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/29 15:36:34 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/04/29 15:36:34 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/29 15:36:34 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/04/29 15:36:34 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/04/29 15:36:33 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/04/29 15:36:33 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/29 15:36:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/04/29 15:36:32 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/29 15:36:32 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/04/29 15:36:22 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/04/29 15:36:22 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/04/29 15:36:22 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/04/29 15:36:22 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/04/29 15:32:07 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/04/29 15:32:07 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011/04/29 15:32:07 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011/04/29 15:32:07 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011/04/29 15:32:07 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011/04/29 15:32:07 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011/04/29 15:30:49 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011/04/29 15:30:45 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/04/29 15:30:45 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/04/29 15:30:45 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/04/29 15:30:45 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011/04/29 15:30:44 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011/04/29 15:30:44 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011/04/29 15:30:44 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/04/29 15:30:44 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011/04/29 15:30:43 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011/04/29 15:30:43 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011/04/29 15:30:43 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011/04/29 15:30:43 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/04/29 15:30:43 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011/04/29 15:30:43 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011/04/29 15:30:43 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/04/29 15:30:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/04/29 15:30:42 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/04/29 15:27:23 | 000,136,704 | ---- | C] (videosoft) -- C:\Windows\Bfyfaa_exe_1304270612.arl
[2011/04/29 15:27:16 | 000,520,704 | -H-- | C] (WinTrust) -- C:\ProgramData\CbvYHAgAAxMvT_exe_1304270593.arl
[2011/04/29 15:27:10 | 000,188,928 | -H-- | C] (videosoft) -- C:\Windows\System32\sshnas21_dll_1304270613.arl
[2011/04/29 15:26:48 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2011/04/29 15:26:48 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2011/04/29 15:26:48 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011/04/29 15:26:48 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2011/04/29 15:26:48 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2011/04/29 15:26:48 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011/04/29 15:15:12 | 000,348,160 | -HS- | C] (Microsoft Corporation) -- C:\Users\Nils\AppData\Local\kjt_exe_1304270595.arl
[2011/04/15 07:49:19 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/15 07:49:13 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/15 07:48:19 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/15 07:48:18 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/15 07:48:11 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/15 07:48:05 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/15 07:47:47 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2008/03/30 14:01:49 | 000,053,248 | -H-- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
[2006/11/20 12:10:16 | 000,204,824 | -H-- | C] (Acer Inc.) -- C:\Program Files\VideoControl.dll
[2006/11/20 12:09:20 | 000,079,384 | -H-- | C] (Acer Inc.) -- C:\Program Files\LogiMail.dll
[2006/11/20 12:09:08 | 000,366,104 | -H-- | C] (Acer Inc.) -- C:\Program Files\IPPJPEG.dll
[2006/11/20 12:08:58 | 000,280,088 | -H-- | C] (Acer Inc.) -- C:\Program Files\EFVal.dll
[2001/09/05 15:00:58 | 001,700,352 | -H-- | C] (Microsoft Corporation) -- C:\Program Files\gdiplus.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/05/01 11:39:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/01 11:38:03 | 2145,574,912 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/01 11:36:26 | 000,373,504 | -H-- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/30 04:39:12 | 000,024,576 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2011/04/29 16:06:31 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/29 16:06:30 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/29 15:47:27 | 000,000,282 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011/04/29 15:43:30 | 000,000,282 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/04/29 15:43:29 | 000,000,244 | -H-- | M] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011/04/29 15:41:41 | 000,001,098 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/29 15:37:42 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011/04/29 15:37:42 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011/04/29 15:37:03 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011/04/29 15:37:03 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/29 15:37:02 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011/04/29 15:36:47 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/04/29 15:36:47 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/04/29 15:36:47 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011/04/29 15:36:47 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011/04/29 15:36:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011/04/29 15:36:45 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/29 15:36:45 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011/04/29 15:36:45 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011/04/29 15:36:44 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/04/29 15:36:44 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/04/29 15:36:44 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/04/29 15:36:43 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/04/29 15:36:43 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/04/29 15:36:43 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/04/29 15:36:43 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/04/29 15:36:42 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/29 15:36:41 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/04/29 15:36:40 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/04/29 15:36:39 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011/04/29 15:36:38 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/29 15:36:38 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011/04/29 15:36:38 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011/04/29 15:36:38 | 000,000,589 | -H-- | M] () -- C:\Users\Nils\Desktop\Windows Recovery.lnk
[2011/04/29 15:36:38 | 000,000,152 | -H-- | M] () -- C:\ProgramData\~34987784r
[2011/04/29 15:36:38 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~34987784
[2011/04/29 15:36:37 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/29 15:36:34 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/29 15:36:34 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/04/29 15:36:34 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/29 15:36:34 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011/04/29 15:36:34 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011/04/29 15:36:33 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/04/29 15:36:33 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/29 15:36:33 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011/04/29 15:36:33 | 000,000,336 | -H-- | M] () -- C:\ProgramData\34987784
[2011/04/29 15:36:32 | 000,444,928 | -H-- | M] () -- C:\ProgramData\34987784_exe_1304270592.arl
[2011/04/29 15:36:32 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/29 15:36:32 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011/04/29 15:36:22 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011/04/29 15:36:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011/04/29 15:36:22 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/04/29 15:36:22 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/04/29 15:32:07 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/04/29 15:32:07 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011/04/29 15:32:07 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011/04/29 15:32:07 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011/04/29 15:32:07 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011/04/29 15:32:07 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011/04/29 15:30:49 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011/04/29 15:30:45 | 001,068,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/04/29 15:30:45 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/04/29 15:30:45 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/04/29 15:30:45 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011/04/29 15:30:44 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011/04/29 15:30:44 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011/04/29 15:30:44 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011/04/29 15:30:44 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011/04/29 15:30:43 | 001,554,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011/04/29 15:30:43 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011/04/29 15:30:43 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011/04/29 15:30:43 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/04/29 15:30:43 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011/04/29 15:30:43 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011/04/29 15:30:43 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/04/29 15:30:43 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/04/29 15:30:42 | 000,876,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/04/29 15:30:26 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows
[2011/04/29 15:30:26 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2011/04/29 15:30:26 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programme
[2011/04/29 15:30:25 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/04/29 15:30:25 | 000,000,000 | RH-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/04/29 15:30:25 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online
[2011/04/29 15:30:25 | 000,000,000 | -H-D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/04/29 15:27:15 | 000,520,704 | -H-- | M] (WinTrust) -- C:\ProgramData\CbvYHAgAAxMvT_exe_1304270593.arl
[2011/04/29 15:27:12 | 000,136,704 | ---- | M] (videosoft) -- C:\Windows\Bfyfaa_exe_1304270612.arl
[2011/04/29 15:27:10 | 000,188,928 | -H-- | M] (videosoft) -- C:\Windows\System32\sshnas21_dll_1304270613.arl
[2011/04/29 15:26:49 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\dxgkrnl.sys.mui
[2011/04/29 15:26:48 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2011/04/29 15:26:48 | 000,369,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2011/04/29 15:26:48 | 000,321,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011/04/29 15:26:48 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2011/04/29 15:26:48 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2011/04/29 15:26:48 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011/04/29 15:18:01 | 000,012,328 | -HS- | M] () -- C:\ProgramData\1o48v14h3a2tp000028
[2011/04/29 15:18:00 | 000,012,328 | -HS- | M] () -- C:\Users\Nils\AppData\Local\1o48v14h3a2tp000028
[2011/04/29 15:15:12 | 000,348,160 | -HS- | M] (Microsoft Corporation) -- C:\Users\Nils\AppData\Local\kjt_exe_1304270595.arl
[2011/04/29 15:06:30 | 000,037,210 | -H-- | M] () -- C:\Users\Nils\AppData\Roaming\nvModes.001
[2011/04/29 15:05:30 | 000,000,220 | -H-- | M] () -- C:\Windows\tasks\OGALogon.job
[2011/04/29 15:05:28 | 000,001,094 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/29 13:50:37 | 000,037,210 | -H-- | M] () -- C:\Users\Nils\AppData\Roaming\nvModes.dat
[2011/04/29 13:35:51 | 000,000,220 | -H-- | M] () -- C:\Windows\tasks\OGADaily.job
[2011/04/27 17:37:21 | 000,000,680 | -H-- | M] () -- C:\Users\Nils\AppData\Local\d3d9caps.dat
[2011/04/27 14:51:39 | 000,621,952 | -H-- | M] () -- C:\Windows\System32\perfh007.dat
[2011/04/27 14:51:39 | 000,590,082 | -H-- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/27 14:51:39 | 000,123,852 | -H-- | M] () -- C:\Windows\System32\perfc007.dat
[2011/04/27 14:51:39 | 000,102,094 | -H-- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/25 14:38:51 | 000,241,152 | -H-- | M] () -- C:\Users\Nils\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/05/01 11:35:34 | 2145,574,912 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/29 15:36:43 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/04/29 15:36:38 | 000,000,589 | -H-- | C] () -- C:\Users\Nils\Desktop\Windows Recovery.lnk
[2011/04/29 15:36:38 | 000,000,152 | -H-- | C] () -- C:\ProgramData\~34987784r
[2011/04/29 15:36:38 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~34987784
[2011/04/29 15:36:33 | 000,000,336 | -H-- | C] () -- C:\ProgramData\34987784
[2011/04/29 15:36:32 | 000,444,928 | -H-- | C] () -- C:\ProgramData\34987784_exe_1304270592.arl
[2011/04/29 15:27:21 | 000,000,282 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/04/29 15:27:20 | 000,000,282 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011/04/29 15:27:14 | 000,000,244 | -H-- | C] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011/04/29 15:15:12 | 000,012,328 | -HS- | C] () -- C:\Users\Nils\AppData\Local\1o48v14h3a2tp000028
[2011/04/29 15:15:12 | 000,012,328 | -HS- | C] () -- C:\ProgramData\1o48v14h3a2tp000028
[2010/10/24 14:23:08 | 000,015,880 | -H-- | C] () -- C:\Windows\System32\lsdelete.exe
[2010/07/04 11:39:01 | 000,121,832 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/06/10 16:54:55 | 000,000,127 | -H-- | C] () -- C:\Windows\System32\MRT.INI
[2010/01/17 09:20:17 | 000,000,680 | -H-- | C] () -- C:\Users\Nils\AppData\Local\d3d9caps.dat
[2009/11/26 15:57:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/11/26 15:57:18 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/11/26 15:56:46 | 000,226,280 | ---- | C] () -- C:\Windows\System32\drivers\volsnap.sys
[2009/11/26 15:56:07 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/06/09 16:26:39 | 000,042,594 | -H-- | C] () -- C:\Windows\System32\lvcoinst.ini
[2008/12/31 11:04:42 | 000,691,560 | -H-- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2008/12/31 11:04:42 | 000,528,744 | -H-- | C] () -- C:\Windows\System32\OGAVerify.exe
[2008/09/02 16:55:34 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/08/02 19:10:41 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/06/23 09:46:58 | 000,000,009 | -H-- | C] () -- C:\Users\Nils\AppData\Roaming\mdb.bin
[2008/04/05 06:17:13 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.INI
[2008/04/01 15:18:27 | 000,037,210 | -H-- | C] () -- C:\Users\Nils\AppData\Roaming\nvModes.001
[2008/03/31 14:11:08 | 000,037,210 | -H-- | C] () -- C:\Users\Nils\AppData\Roaming\nvModes.dat
[2008/03/30 14:01:49 | 000,331,776 | -H-- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2008/03/30 13:58:18 | 000,000,176 | -H-- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2008/03/30 13:17:41 | 000,007,168 | -H-- | C] () -- C:\Windows\System32\Dtctrace.dll
[2008/03/30 13:07:02 | 000,164,352 | -H-- | C] () -- C:\Windows\System32\unrar.dll
[2008/03/30 13:07:00 | 003,596,288 | -H-- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/03/30 13:07:00 | 002,085,376 | -H-- | C] () -- C:\Windows\System32\x264vfw.dll
[2008/03/30 13:07:00 | 000,159,839 | -H-- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/03/30 12:14:54 | 000,241,152 | -H-- | C] () -- C:\Users\Nils\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/21 04:24:09 | 000,621,952 | -H-- | C] () -- C:\Windows\System32\perfh007.dat
[2008/01/21 04:24:09 | 000,290,748 | -H-- | C] () -- C:\Windows\System32\perfi007.dat
[2008/01/21 04:24:09 | 000,123,852 | -H-- | C] () -- C:\Windows\System32\perfc007.dat
[2008/01/21 04:24:09 | 000,036,916 | -H-- | C] () -- C:\Windows\System32\perfd007.dat
[2008/01/20 22:23:41 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en
[2007/09/20 06:33:52 | 003,190,784 | -H-- | C] () -- C:\Windows\System32\libavcodec.dll
[2007/09/20 06:33:52 | 000,741,376 | -H-- | C] () -- C:\Windows\System32\audxlib.dll
[2007/09/20 06:33:52 | 000,662,016 | -H-- | C] () -- C:\Windows\System32\xvidcore.dll
[2007/09/20 06:33:52 | 000,511,488 | -H-- | C] () -- C:\Windows\System32\ff_x264.dll
[2007/09/20 06:33:52 | 000,405,504 | -H-- | C] () -- C:\Windows\System32\libmplayer.dll
[2007/09/20 06:33:52 | 000,245,760 | -H-- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2007/09/20 06:33:52 | 000,221,184 | -H-- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2007/09/20 06:33:52 | 000,200,704 | -H-- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2007/09/20 06:33:52 | 000,155,648 | -H-- | C] () -- C:\Windows\System32\ff_libdts.dll
[2007/09/20 06:33:52 | 000,143,360 | -H-- | C] () -- C:\Windows\System32\ff_theora.dll
[2007/09/20 06:33:52 | 000,122,880 | -H-- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2007/09/20 06:33:52 | 000,118,784 | -H-- | C] () -- C:\Windows\System32\ff_libmad.dll
[2007/09/20 06:33:52 | 000,114,688 | -H-- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2007/09/20 06:33:52 | 000,097,280 | -H-- | C] () -- C:\Windows\System32\ff_realaac.dll
[2007/09/20 06:33:52 | 000,079,872 | -H-- | C] () -- C:\Windows\System32\ff_tremor.dll
[2007/09/20 06:33:52 | 000,040,960 | -H-- | C] () -- C:\Windows\System32\ff_liba52.dll
[2007/09/20 06:33:52 | 000,038,400 | -H-- | C] () -- C:\Windows\System32\ff_unrar.dll
[2007/09/20 06:33:52 | 000,026,624 | -H-- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2007/09/20 06:33:52 | 000,007,680 | -H-- | C] () -- C:\Windows\System32\ff_vfw.dll
[2006/11/20 12:11:48 | 000,023,576 | -H-- | C] () -- C:\Program Files\MSNCmRes.dll
[2006/11/20 12:11:36 | 001,078,808 | -H-- | C] () -- C:\Program Files\LAppRes.DLL
[2006/11/20 12:11:36 | 000,206,360 | -H-- | C] () -- C:\Program Files\ATWizardRes.dll
[2006/11/20 12:09:54 | 000,754,712 | -H-- | C] () -- C:\Program Files\OrbiCam.exe
[2006/11/20 12:09:42 | 000,032,280 | -H-- | C] () -- C:\Program Files\MSNCam.dll
[2006/11/20 12:09:32 | 000,316,952 | -H-- | C] () -- C:\Program Files\LogiMailApp.exe
[2006/11/20 12:08:34 | 000,292,888 | -H-- | C] () -- C:\Program Files\ATWizard.exe
[2006/11/02 08:55:52 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:46:27 | 000,373,504 | -H-- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,590,082 | -H-- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | -H-- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,102,094 | -H-- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | -H-- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | -H-- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | -H-- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | -H-- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | -H-- | C] () -- C:\Windows\System32\mlang.dat
[2006/10/30 05:40:18 | 000,246,011 | -H-- | C] () -- C:\Program Files\orbicam.chm
[2006/10/25 08:04:00 | 000,008,690 | -H-- | C] () -- C:\Program Files\ReadMe_KOR.htm
[2006/10/25 08:00:56 | 000,009,168 | -H-- | C] () -- C:\Program Files\ReadMe_JPN.htm
[2006/10/25 08:00:26 | 000,007,909 | -H-- | C] () -- C:\Program Files\ReadMe_CHT.htm
[2006/10/25 07:59:54 | 000,007,929 | -H-- | C] () -- C:\Program Files\ReadMe_CHS.htm
[2006/10/25 07:58:36 | 000,062,682 | -H-- | C] () -- C:\Program Files\readme.htm
[2005/09/29 08:39:40 | 000,011,014 | -H-- | C] () -- C:\Program Files\logo.bmp
========== LOP Check ==========
[2008/03/30 12:32:03 | 000,000,000 | -H-D | M] -- C:\Users\Nils\AppData\Roaming\ACD Systems
[2009/06/14 13:57:40 | 000,000,000 | -H-D | M] -- C:\Users\Nils\AppData\Roaming\avidemux
[2009/06/26 09:33:19 | 000,000,000 | -H-D | M] -- C:\Users\Nils\AppData\Roaming\BSplayer PRO
[2010/10/22 12:16:57 | 000,000,000 | -H-D | M] -- C:\Users\Nils\AppData\Roaming\Dropbox
[2011/04/29 15:50:18 | 000,000,000 | -H-D | M] -- C:\Users\Nils\AppData\Roaming\GetRightToGo
[2009/12/15 20:08:45 | 000,000,000 | -H-D | M] -- C:\Users\Nils\AppData\Roaming\Imaxel
[2010/02/19 12:34:23 | 000,000,000 | -H-D | M] -- C:\Users\Nils\AppData\Roaming\Kingston
[2008/06/07 11:02:33 | 000,000,000 | -H-D | M] -- C:\Users\Nils\AppData\Roaming\LEAPS
[2008/10/26 16:27:09 | 000,000,000 | -H-D | M] -- C:\Users\Nils\AppData\Roaming\Mp3tag
[2008/06/07 10:47:58 | 000,000,000 | -H-D | M] -- C:\Users\Nils\AppData\Roaming\Pegasys Inc
[2010/02/19 12:34:23 | 000,000,000 | -H-D | M] -- C:\Users\Nils\AppData\Roaming\SecureTraveler
[2011/03/22 13:52:10 | 000,000,000 | -H-D | M] -- C:\Users\Nils\AppData\Roaming\Security_File
[2009/11/28 10:26:40 | 000,000,000 | -H-D | M] -- C:\Users\Nils\AppData\Roaming\Thinstall
[2010/10/23 11:58:49 | 000,000,000 | -H-D | M] -- C:\Users\Nils\AppData\Roaming\TuneUp Software
[2008/12/21 19:43:21 | 000,000,000 | -H-D | M] -- C:\Users\Nils\AppData\Roaming\Xilisoft Corporation
[2008/03/30 12:31:09 | 000,000,000 | -H-D | M] -- C:\ProgramData\ACD Systems
[2008/03/30 11:54:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 09:00:38 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2006/11/02 09:00:38 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 09:00:38 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2008/03/30 11:54:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2008/03/30 11:54:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 09:00:38 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2008/03/30 12:42:16 | 000,000,000 | -H-D | M] -- C:\ProgramData\Insight Software Solutions
[2008/10/01 14:26:51 | 000,000,000 | -H-D | M] -- C:\ProgramData\Pictomio
[2009/10/11 08:30:24 | 000,000,000 | -H-D | M] -- C:\ProgramData\Roaming
[2006/11/02 09:00:38 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2008/03/30 11:54:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2010/10/23 14:34:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\T-Online
[2011/04/29 15:50:22 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2006/11/02 09:00:38 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2010/02/19 12:45:22 | 000,000,000 | -H-D | M] -- C:\ProgramData\TrueCrypt
[2010/10/23 11:58:45 | 000,000,000 | -H-D | M] -- C:\ProgramData\TuneUp Software
[2008/03/30 11:54:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2009/03/21 14:01:59 | 000,000,000 | -H-D | M] -- C:\ProgramData\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/04/03 10:38:38 | 000,000,000 | -H-D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/12 14:52:05 | 000,000,000 | -H-D | M] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/07 16:02:17 | 000,000,000 | -H-D | M] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/10/23 11:57:36 | 000,000,000 | -HSD | M] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010/10/24 10:20:10 | 000,000,000 | -H-D | M] -- C:\ProgramData\{E961CE1B-C3EA-4882-9F67-F859B555D097}
[2011/04/29 13:35:51 | 000,000,220 | -H-- | M] () -- C:\Windows\Tasks\OGADaily.job
[2011/04/29 15:05:30 | 000,000,220 | -H-- | M] () -- C:\Windows\Tasks\OGALogon.job
[2011/04/29 15:52:17 | 000,032,510 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/04/29 15:43:30 | 000,000,282 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011/04/29 15:43:29 | 000,000,244 | -H-- | M] () -- C:\Windows\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011/04/29 15:47:27 | 000,000,282 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
========== Purity Check ==========
< End of report >