OTL logfile created on: 14.01.2011 13:41:15 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Dokumente und Einstellungen\Florian\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1.023,00 Mb Total Physical Memory | 649,00 Mb Available Physical Memory | 63,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 51,59 Gb Total Space | 15,48 Gb Free Space | 30,00% Space Free | Partition Type: NTFS
Drive E: | 14,92 Gb Total Space | 12,37 Gb Free Space | 82,87% Space Free | Partition Type: FAT32

Computer Name: FLORIAN | User Name: Florian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Processes (SafeList) ==========

PRC - C:\Dokumente und Einstellungen\Florian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\Dropbox\bin\Dropbox.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation.)
PRC - C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation)

========== Modules (SafeList) ==========

MOD - C:\Dokumente und Einstellungen\Florian\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (PhoenixInstallerHelper) -- D:\Tools\pinstripe.exe File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (WMConnectCDS) -- C:\Programme\Windows Media Connect 2\wmccds.exe (Microsoft Corporation)
SRV - (bgsvcgen) -- C:\WINDOWS\system32\bgsvcgen.exe (B.H.A Corporation)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (e1express) Intel(R) -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ED0CF0C8-62F1-4865-A3FD-2E2A2B50FAFA}:1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - HKLM\software\mozilla\Firefox\Extensions\\{ED0CF0C8-62F1-4865-A3FD-2E2A2B50FAFA}: C:\WINDOWS\system32\5005 [2010.06.25 08:41:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{10C5DC71-1DEF-46aa-8144-75BA758F2E66}: C:\WINDOWS\system32\ffsp002 [2010.07.02 12:22:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.12.15 17:28:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.12.15 17:28:41 | 000,000,000 | ---D | M]
[2008.09.23 08:45:20 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\Mozilla\Extensions
[2011.01.13 12:07:21 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\Mozilla\Firefox\Profiles\if93u98q.default\extensions
[2010.11.29 10:32:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\Mozilla\Firefox\Profiles\if93u98q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.13 12:07:21 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.07.11 09:16:20 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.07.27 08:25:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.06.25 08:41:10 | 000,000,000 | ---D | M] (Java String Helper) -- C:\WINDOWS\SYSTEM32\5005
[2004.11.13 04:36:20 | 000,005,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Mozilla Firefox\plugins\NPAdbESD.dll
[2010.04.12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.14 16:35:06 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.14 16:35:06 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.14 16:35:06 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.14 16:35:06 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.14 16:35:06 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {10C5DC71-1DEF-46aa-8144-75BA758F2E66} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {21A7536D-913F-44fd-8BE0-D51DAFF5CC68} - No CLSID value found.
O2 - BHO: (Ask Search Assistant BHO) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com)
O2 - BHO: (Burn4Free Toolbar Helper) - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O2 - BHO: (no name) - {ED0CF0C8-62F1-4865-A3FD-2E2A2B50FAFA} - No CLSID value found.
O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O3 - HKLM\..\Toolbar: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O3 - HKCU\..\Toolbar\ShellBrowser: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Burn4Free Toolbar) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NBKeyScan] C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [REGSHAVE] C:\Programme\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe File not found
O4 - HKCU..\Run: [updateMgr] C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe File not found
O4 - HKCU..\Run: [XSC SIP Client] C:\Programme\sipgate X-Lite\sipgateXLite.exe File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Exif Launcher 2.lnk = C:\Programme\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\Florian\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\Dropbox\bin\Dropbox.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1153937796659 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.07.26 16:57:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{942af7a2-5867-11db-9992-0017313b2614}\Shell\verb1\command - "" = desktop.exe
O33 - MountPoints2\{976c2bf1-4944-11db-9983-0017313b2614}\Shell\AutoRun\command - "" = E:\TrueCrypt\TrueCrypt.exe -- File not found
O33 - MountPoints2\{976c2bf1-4944-11db-9983-0017313b2614}\Shell\dismount\command - "" = E:\TrueCrypt\TrueCrypt.exe -- File not found
O33 - MountPoints2\{976c2bf1-4944-11db-9983-0017313b2614}\Shell\mount\command - "" = E:\TrueCrypt\TrueCrypt.exe -- File not found
O33 - MountPoints2\{976c2bf1-4944-11db-9983-0017313b2614}\Shell\open\command - "" = E:\TrueCrypt\TrueCrypt.exe -- File not found
O33 - MountPoints2\{bd6e5454-68db-11db-99a0-0017313b2614}\Shell\verb1\command - "" = desktop.exe
O33 - MountPoints2\{dd37feb6-44ba-11dc-9a56-0017313b2614}\Shell\verb1\command - "" = desktop.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 360 Days ==========

[2011.01.14 11:05:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\Malwarebytes
[2011.01.14 11:05:17 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.01.14 11:05:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.01.14 11:05:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011.01.14 11:05:12 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.01.14 11:05:12 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.01.13 12:31:38 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Florian\Desktop\mbam-setup-1.50.1.1100.exe
[2011.01.13 12:24:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Florian\Desktop\OTL.exe
[2011.01.13 11:54:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2010.08.28 13:16:20 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Florian\Eigene Dateien\My Dropbox
[2010.08.28 13:03:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Florian\Startmenü\Programme\Dropbox
[2010.08.28 13:03:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\Dropbox
[2010.08.02 12:24:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Florian\Eigene Dateien\Downloads
[2010.07.27 08:25:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2010.07.27 08:25:15 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.07.27 08:25:15 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.07.27 08:25:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.07.27 08:25:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.07.11 09:16:00 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2010.07.08 08:34:06 | 000,000,000 | ---D | C] -- C:\Anwendungsdaten
[2010.07.02 08:16:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ffsph001
[2010.07.02 08:16:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ffsp002
[2010.06.24 14:21:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\5005
[2010.05.28 09:16:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Florian\Desktop\doro
[2010.05.17 09:05:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Florian\Eigene Dateien\DK-GA-NEU
[2010.05.17 08:57:49 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.03.30 23:16:34 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHostProxy.dll
[2010.03.30 23:10:40 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHost.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 360 Days ==========

[2011.01.14 13:38:06 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.14 13:38:01 | 000,043,573 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.01.14 13:37:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.13 12:32:17 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Florian\Desktop\mbam-setup-1.50.1.1100.exe
[2011.01.13 12:26:22 | 000,296,448 | ---- | M] () -- C:\Dokumente und Einstellungen\Florian\Desktop\3qukh6gu.exe
[2011.01.13 12:24:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Florian\Desktop\OTL.exe
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.15 16:25:46 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.11.29 10:26:26 | 000,462,322 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.11.29 10:26:26 | 000,444,028 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.11.29 10:26:26 | 000,085,344 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.11.29 10:26:26 | 000,071,904 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.11.29 10:24:19 | 000,001,715 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
[2010.09.19 18:39:12 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2010.09.09 09:25:48 | 000,023,552 | ---- | M] () -- C:\Dokumente und Einstellungen\Florian\Eigene Dateien\Die zwei Raben.doc
[2010.08.28 13:16:20 | 000,001,018 | ---- | M] () -- C:\Dokumente und Einstellungen\Florian\Startmenü\Programme\Autostart\Dropbox.lnk
[2010.08.28 13:16:20 | 000,001,018 | ---- | M] () -- C:\Dokumente und Einstellungen\Florian\Desktop\Dropbox.lnk
[2010.06.25 10:28:12 | 000,137,216 | ---- | M] () -- C:\Dokumente und Einstellungen\Florian\Eigene Dateien\DA-6_KA-4-Spielmit_Anleitung-Peteka_fh.doc
[2010.06.14 15:30:28 | 000,743,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010.06.10 12:41:10 | 000,142,832 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.10 12:14:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.05.02 09:24:36 | 001,851,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2010.05.02 09:24:36 | 001,851,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2010.04.20 06:46:39 | 000,285,696 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2010.04.20 06:46:39 | 000,285,696 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2010.04.16 16:35:17 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2010.04.16 16:35:17 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2010.04.16 16:35:17 | 000,474,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2010.04.16 16:35:17 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
[2010.04.16 16:35:16 | 001,506,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2010.04.16 16:35:16 | 000,532,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2010.04.16 16:35:16 | 000,532,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2010.04.16 16:35:16 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll
[2010.04.16 16:35:16 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll
[2010.04.16 16:35:15 | 003,086,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2010.04.16 16:35:15 | 000,449,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2010.04.16 16:35:15 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll
[2010.04.16 16:35:15 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll
[2010.04.16 16:35:13 | 000,251,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2010.04.16 16:35:13 | 000,251,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2010.04.16 16:35:13 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inseng.dll
[2010.04.16 16:35:13 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inseng.dll
[2010.04.16 16:35:13 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2010.04.16 16:35:13 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2010.04.16 16:35:12 | 001,056,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\danim.dll
[2010.04.16 16:35:12 | 001,056,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\danim.dll
[2010.04.16 16:35:12 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft.dll
[2010.04.16 16:35:12 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll
[2010.04.16 16:35:12 | 000,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll
[2010.04.16 16:35:12 | 000,205,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll
[2010.04.16 16:35:12 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2010.04.16 16:35:12 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2010.04.16 16:35:12 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extmgr.dll
[2010.04.16 16:35:11 | 001,023,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2010.04.16 16:35:11 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdfview.dll
[2010.04.16 16:23:21 | 000,371,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2010.04.16 14:47:34 | 000,375,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2010.04.16 14:36:53 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2010.04.12 16:29:27 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.04.12 16:29:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.04.12 16:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.04.12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.04.12 14:19:02 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.04.03 05:39:36 | 002,377,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVCore.dll
[2010.04.03 05:39:36 | 002,377,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMVCore.dll
[2010.03.30 23:16:34 | 000,099,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHostProxy.dll
[2010.03.30 23:10:40 | 000,295,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHost.exe
[2010.03.10 09:02:30 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vbscript.dll
[2010.03.10 09:02:30 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2010.03.05 15:54:54 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asycfilt.dll
[2010.03.05 15:54:54 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asycfilt.dll
[2010.02.24 13:31:30 | 000,454,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010.02.16 20:30:58 | 002,060,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2010.02.16 20:30:57 | 002,183,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010.02.16 20:30:53 | 002,139,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2010.02.16 20:30:53 | 002,139,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010.02.16 20:30:52 | 002,019,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010.02.16 20:30:52 | 002,019,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2010.02.12 11:03:03 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.02.12 05:45:14 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2010.02.11 13:01:43 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2010.02.11 13:01:43 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys
[2010.02.05 19:38:59 | 001,296,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quartz.dll
[2010.01.29 16:06:07 | 000,683,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010.01.29 15:43:35 | 000,307,260 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codeca.acm
[2010.01.29 15:43:35 | 000,143,422 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codecx.ax
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.01.13 12:26:22 | 000,296,448 | ---- | C] () -- C:\Dokumente und Einstellungen\Florian\Desktop\3qukh6gu.exe
[2010.12.15 16:25:46 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.11.29 10:23:51 | 000,001,715 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
[2010.09.09 09:25:48 | 000,023,552 | ---- | C] () -- C:\Dokumente und Einstellungen\Florian\Eigene Dateien\Die zwei Raben.doc
[2010.08.28 13:16:20 | 000,001,018 | ---- | C] () -- C:\Dokumente und Einstellungen\Florian\Startmenü\Programme\Autostart\Dropbox.lnk
[2010.08.28 13:16:20 | 000,001,018 | ---- | C] () -- C:\Dokumente und Einstellungen\Florian\Desktop\Dropbox.lnk
[2010.06.25 10:16:49 | 000,137,216 | ---- | C] () -- C:\Dokumente und Einstellungen\Florian\Eigene Dateien\DA-6_KA-4-Spielmit_Anleitung-Peteka_fh.doc
[2007.12.18 12:27:00 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.02.21 17:21:07 | 000,007,680 | ---- | C] () -- C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.07.26 21:14:20 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\dm.ini
[2006.07.26 21:14:19 | 000,001,216 | ---- | C] () -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\AdobeDLM.log
[2006.07.26 20:44:30 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006.07.26 17:33:45 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.07.26 17:21:30 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.07.26 17:15:20 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.07.26 17:11:57 | 000,017,233 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2006.07.26 17:11:49 | 000,017,195 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2006.07.26 17:11:49 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2006.07.26 17:11:44 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2005.12.10 12:06:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005.12.10 12:06:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005.12.10 12:06:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005.12.10 12:06:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005.12.10 12:06:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005.12.10 12:06:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005.12.10 12:06:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2008.03.26 15:05:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Swift Sound
[2011.01.14 13:38:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\Dropbox
[2007.06.08 16:31:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\FUJIFILM
[2007.06.08 16:36:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\Leadertech
[2010.01.13 09:31:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\NinjaOA

========== Purity Check ==========

< End of report >