Privacy Protection mit rkill und tdsskiller behandelt. Alles sauber?

hi-5 · 07.11.2011, 17:49

Liebe Leute

Ich habe mir gestern den Privacy Protection Virus eingefangen.
Ich habe dann gegoogelt wie ich den wegkriege und bin auf eure Anleitung gestossen. Habe also folgende Schritte unternommen:
1. Windows im abgesicherten Modus mit Netzwerktreibern gestartet.
2. rkill laufen lassen
3. mit Malwarebytes 4 infizierte Dateien entfernt
4. Root Kit Scan mit tdssrkiller durchgeführt (nichts gefunden)
5. OTL downgeloadet und Logfile erstellt

Nun, da ich wenig Ahnung von Computern habe, wäre ich unheimlich dankbar, wenn mir jemand die angehängten Logfiles auswerten könnte?

Herzlichen Dank schon im Voraus.

OTL Log File (war zu gross für Anhang):

OTL logfile created on: 07.11.2011 10:28:46 - Run 1
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy

1.93 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 65.74% Memory free
4.10 Gb Paging File | 3.63 Gb Available in Paging File | 88.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 69.64 Gb Free Space | 29.90% Space Free | Partition Type: NTFS
Drive D: | 538.34 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive I: | 7.47 Gb Total Space | 4.94 Gb Free Space | 66.06% Space Free | Partition Type: FAT32

Computer Name: ***** | User Name: ******* | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Raffaele\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Programme\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWWSC.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\Lavasoft\Ad-Aware\ShellExt.dll ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()

========== Win32 Services (SafeList) ==========

SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SmcService) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
SRV - (SNAC) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)
SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (Lotus Notes Diagnostics) -- C:\Program Files\IBM\Lotus\Notes\nsd.exe (IBM Corp)
SRV - (CrossLoopService) -- C:\Users\Raffaele\AppData\Local\CrossLoop\CrossLoopService.exe (CrossLoop Inc)
SRV - (uvnc_service) -- C:\Users\Raffaele\AppData\Local\CrossLoop\winvnc.exe (UltraVNC)
SRV - (Multi-user Cleanup Service) -- C:\Program Files\IBM\Lotus\Notes\ntmulti.exe (IBM Corp)
SRV - (UNS) Intel(R) -- C:\Programme\Common Files\Intel\Privacy Icon\UNS\UNS.EXE (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Programme\Intel\AMT\LMS.EXE (Intel Corporation)
SRV - (AEADIFilters) -- C:\Windows\System32\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (RoxMediaDB10) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)

========== Driver Services (SafeList) ==========

DRV - (AvgMfx86) -- C:\Windows\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20111105.009\NAVEX15.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20111105.009\NAVENG.SYS (Symantec Corporation)
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (AvgTdiX) -- C:\Windows\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Programme\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (Uim_IM) -- C:\Windows\System32\drivers\Uim_IM.sys (Paragon)
DRV - (hotcore3) -- C:\Windows\system32\DRIVERS\hotcore3.sys (Paragon Software Group)
DRV - (UimBus) -- C:\Windows\System32\drivers\UimBus.sys (Windows (R) 2000 DDK provider)
DRV - (AvgLdx86) -- C:\Windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (ATSwpWDF) -- C:\Windows\System32\drivers\ATSwpWDF.sys (AuthenTec, Inc.)
DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (hpdskflt) -- C:\Windows\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV - (e1yexpress) Intel(R) -- C:\Windows\System32\drivers\e1y6032.sys (Intel Corporation)
DRV - (HECI) Intel(R) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (rismc32) -- C:\Windows\System32\drivers\rismc32.sys (RICOH Company, Ltd.)
DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://hotmail.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 33 64 73 F2 B0 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com;www.plimus.com;regnow.com;www.regnow.com;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=127.0.0.1:7070

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/home.php | hxxp://twitter.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: dvscontextmenuy@dvdvideosoft.com:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: firesheep@codebutler.com:0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {1544D611-955F-4ceb-95D3-82C720C29EAE}:1.1.0
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.1.1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2011.09.13 08:20:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.30 08:55:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.09.25 12:54:40 | 000,000,000 | ---D | M]

[2009.09.02 11:37:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Raffaele\AppData\Roaming\mozilla\Extensions
[2011.10.11 23:41:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Raffaele\AppData\Roaming\mozilla\Firefox\Profiles\7nkp4doo.default\extensions
[2010.04.28 01:34:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Raffaele\AppData\Roaming\mozilla\Firefox\Profiles\7nkp4doo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.16 06:11:09 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Raffaele\AppData\Roaming\mozilla\Firefox\Profiles\7nkp4doo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.10.27 10:00:06 | 000,000,000 | ---D | M] (Firesheep) -- C:\Users\Raffaele\AppData\Roaming\mozilla\Firefox\Profiles\7nkp4doo.default\extensions\firesheep@codebutler.com
[2009.09.22 12:29:54 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Raffaele\AppData\Roaming\mozilla\Firefox\Profiles\7nkp4doo.default\extensions\moveplayer@movenetworks.com
[2011.06.12 02:06:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.10.30 06:23:40 | 000,000,000 | ---D | M] ("Citavi Picker") -- C:\Programme\Mozilla Firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}
[2010.04.06 14:11:52 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.08.09 07:43:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.14 12:45:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.21 00:13:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.12 02:06:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\RAFFAELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7NKP4DOO.DEFAULT\EXTENSIONS\{1544D611-955F-4CEB-95D3-82C720C29EAE}.XPI
() (No name found) -- C:\USERS\RAFFAELE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7NKP4DOO.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI
[2011.09.30 08:55:57 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.03 20:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.04.07 09:57:56 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2010.01.01 02:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 02:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010.01.01 02:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 02:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 02:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 02:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 15:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Programme\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [picon] C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Programme\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [snuvcdsm] C:\Windows\snuvcdsm.exe ()
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" File not found
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\System32\grpconv.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Raffaele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Raffaele\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O8 - Extra context menu item: &Citavi Picker... - C:\Program Files\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html ()
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Raffaele\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Raffaele\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} https://studmaillz.unisg.ch/dwa7W.cab (Domino Web Access 7 Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A7E235FE-B7B3-45F4-9F31-3561CE9FEAE7}: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7282A2D-7A8F-4F62-8C50-AA2F3681C9FF}: DhcpNameServer = 128.101.101.101 134.84.84.84
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA483D52-F491-434A-BE95-3D3EC76EFB4D}: DhcpNameServer = 138.188.101.186 138.188.101.189
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) -C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - C:\Programme\Stardock\ObjectDockFree\ODMenu.dll (Stardock)
O24 - Desktop WallPaper: C:\Users\Raffaele\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Raffaele\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.09.14 08:14:39 | 000,000,235 | R--- | M] () - D:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2007.09.27 06:35:00 | 001,049,616 | R--- | M] (Microsoft Corporation) - D:\autorun.exe -- [ CDFS ]
O33 - MountPoints2\{0e79b82f-ebd0-11de-8ca7-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0e79b82f-ebd0-11de-8ca7-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{d61e6c61-97c8-11de-b7d8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d61e6c61-97c8-11de-b7d8-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2007.09.27 06:35:00 | 001,049,616 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{d61e6c61-97c8-11de-b7d8-806e6f6e6963}\Shell\directx\command - "" = D:\directx9\DXSETUP.exe -- [2005.05.26 16:34:41 | 000,482,000 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{d61e6c61-97c8-11de-b7d8-806e6f6e6963}\Shell\setup\command - "" = D:\setup.exe -- [2007.10.02 06:24:20 | 000,304,136 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.11.07 10:23:42 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Raffaele\Desktop\OTL.exe
[2011.11.06 21:15:09 | 001,563,952 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Raffaele\Desktop\tdsskiller.exe
[2011.11.06 21:02:37 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Roaming\Malwarebytes
[2011.11.06 21:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.06 21:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.11.06 21:02:28 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.11.06 21:02:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.11.06 21:01:50 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Raffaele\Desktop\Hans.exe.exe
[2011.11.06 14:58:24 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{26B5C0C7-4BD7-467B-B328-DE3D02EBDA25}
[2011.11.06 14:58:12 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{4E4D2722-38EE-4BCF-A37F-0BD15DB6929C}
[2011.11.06 02:57:53 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{7327BC2D-6053-4780-908D-1DE6BD05D13C}
[2011.11.06 02:57:42 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{83B3D684-4A9D-4F92-AB8F-3963CFD71631}
[2011.11.05 02:57:09 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{EBB143E4-1A97-47A2-8DCC-8DA5E60C6E29}
[2011.11.04 08:36:10 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{4B028F71-A6C3-4E8E-89AC-96842A25E746}
[2011.11.04 08:35:56 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{3BF88727-6D3C-4849-9354-A96DE140C62F}
[2011.11.03 20:36:07 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{B439A323-A130-4986-A1ED-F8157946A6D9}
[2011.11.03 02:07:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.11.03 02:01:24 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{6B0C6AF8-DB09-4EA9-8C86-A934AFAD057B}
[2011.11.03 02:00:38 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{06AA1B0E-6158-4017-AD6B-EF55E5419DA2}
[2011.11.02 09:46:55 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{AD210BF2-E87B-4715-ABD3-D3B6197931DB}
[2011.11.02 09:46:10 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{FCD30B8D-0E19-47B0-A881-2FE24C97A7C8}
[2011.11.01 19:59:20 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{3894B049-30DA-47B2-841B-49F5F68D3803}
[2011.11.01 19:58:50 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{458BDFEB-3A2C-426F-AE43-382F34837B06}
[2011.11.01 07:57:57 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{5B61877E-DBC5-4E06-8BF8-0237D4ABFFDA}
[2011.11.01 07:57:30 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{008BF5EE-B2EA-4006-9392-763ED1133CBF}
[2011.10.31 10:48:57 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{83AA8064-79D1-42F5-AFDE-1822F4922EDE}
[2011.10.31 10:48:43 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{DB353AEE-A68C-490A-B9BA-477E7EC27593}
[2011.10.30 22:48:28 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{C0E7F88C-AC27-4A13-98E7-EC22CF825A3E}
[2011.10.30 22:48:17 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{625F02CA-9D8D-4135-B49A-5C29E7870EB7}
[2011.10.30 10:49:40 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{ECCA9F45-E921-4C47-91BF-241F5307D1A1}
[2011.10.29 22:49:27 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{CF3536FA-A917-4656-9641-0CAB2219195E}
[2011.10.29 22:49:14 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{0964B96A-870B-4920-9A72-5BE9953332CF}
[2011.10.29 10:48:42 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{B424F377-6982-40C1-9031-AC7C3BF74538}
[2011.10.29 10:48:29 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{03035DA4-D1DE-49D8-81C2-B2F9B07C6DDA}
[2011.10.28 22:19:29 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{FAFCD6EA-834C-4F9A-8CB5-7E080816E48C}
[2011.10.28 22:19:14 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{A52FC619-BB41-4A5C-B32B-E3E2BF118268}
[2011.10.28 10:18:59 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{381533A8-8850-46AD-9D69-F7674555A1EE}
[2011.10.28 10:18:46 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{F25247DC-57F5-49B7-8766-B58746708418}
[2011.10.27 22:18:31 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{438F01CB-F644-435C-B307-796829096656}
[2011.10.27 22:18:15 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{DED81BEA-F419-43B5-ACDB-19F569E53E3D}
[2011.10.27 10:18:02 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{0A373735-7382-4991-B9F4-75BFDB864619}
[2011.10.27 10:17:13 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{DBDB684A-D210-474B-B1F1-9721F8D365BC}
[2011.10.26 21:04:43 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{EDFA0428-226B-4354-93D8-C863CD31A399}
[2011.10.26 21:04:31 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{90604628-ABA4-41A6-AEEB-B6AA31A8AE92}
[2011.10.26 09:04:03 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{89ACE10C-8759-4912-917E-7962DAAE7714}
[2011.10.26 09:03:26 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{73D73D5C-A405-4C2A-A4FA-AE4E41DD18D1}
[2011.10.25 12:13:55 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{6AD83093-21E0-4EA7-9CD9-D134E11F47BE}
[2011.10.25 12:13:43 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{EB83324F-EC13-4526-B530-8598ED2ED18F}
[2011.10.25 00:13:06 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{35716CD5-BCD5-48E8-9FEB-A11DE429E510}
[2011.10.25 00:12:04 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{D29C8410-21BC-462F-8BA8-BA17AB1CF5E7}
[2011.10.24 12:11:47 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{41D21AC2-A492-43C6-A15B-C2E96EADE130}
[2011.10.24 12:11:35 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{D59FDB2E-F69A-403B-9530-CF9CF01DA9E3}
[2011.10.24 00:11:16 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{2F82264B-34A7-4A74-BC43-3E15FBA9576A}
[2011.10.24 00:11:03 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{4EFBAFDB-0CE0-4DED-AB89-7760656D475C}
[2011.10.23 12:10:44 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{668414E5-D578-4071-BE8D-0AF3FFBF2455}
[2011.10.23 12:10:32 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{1F84FC02-8FAC-47DC-9FD9-95F2230A7918}
[2011.10.22 10:23:01 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{406BD85E-5C55-48CF-B0AB-885C2D7429C7}
[2011.10.22 10:21:35 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{17455312-311D-4F38-8F5A-29E20C29C0C1}
[2011.10.21 17:28:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.10.21 17:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.10.21 17:26:02 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.10.21 17:19:21 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.10.21 12:04:02 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{87BF6C94-0604-434B-BD7E-C3F26B65AB79}
[2011.10.21 12:03:51 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{83DCD0F4-583C-4F99-BB30-C80F68C435A9}
[2011.10.21 00:03:36 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{CD8F3B65-9588-40BE-84CB-AA4F44ED7CE8}
[2011.10.21 00:03:25 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{2C6E21A9-ED54-4058-A038-EEDF48AADEF0}
[2011.10.20 12:03:13 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{ACBE0963-95C4-4ECC-AC18-59900250C66C}
[2011.10.20 12:03:02 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{1DBCD825-EDDE-4B7C-A440-CD98CC00192F}
[2011.10.20 00:02:48 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{723ACABA-4780-46AB-8820-7714CD8E88B3}
[2011.10.20 00:02:37 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{E1330B23-038E-4A30-93D2-30D47B67C68E}
[2011.10.19 11:04:08 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{AD8A83A3-FBAF-492A-8047-76CA9DFB8884}
[2011.10.19 11:03:56 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{2ADEBA1F-AB4C-46AF-AA55-D63B27073DF4}
[2011.10.18 23:03:41 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{CAE9AF4A-E001-41E0-B45C-F2D83E0AB164}
[2011.10.18 23:03:29 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{705B5066-C1DF-4711-8B04-F36554211B60}
[2011.10.18 19:47:07 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Graphmatica
[2011.10.18 19:47:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphmatica
[2011.10.18 19:47:01 | 000,000,000 | ---D | C] -- C:\Program Files\Graphmatica
[2011.10.18 11:03:10 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{17AA7C2E-F5EA-4A6D-968B-9131416D315C}
[2011.10.18 11:02:54 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{5E571E49-404D-44EC-A7EE-5C2728739708}
[2011.10.17 23:02:23 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{BAA0A2C1-79A0-486B-A531-B3C94B5AD9A1}
[2011.10.17 23:02:12 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{BFDD8CE4-2AFD-4477-BBD7-BDFC3ED18597}
[2011.10.17 10:07:56 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{4E5EC80F-B5FA-44C3-9EB8-95A022173939}
[2011.10.17 10:07:44 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{30936177-7460-4E02-83BF-9EECCC397F34}
[2011.10.16 22:07:26 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{0A4E58AC-CA64-4622-ABD0-9DAE476FF6BA}
[2011.10.16 22:07:08 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{02AA634E-7FB5-430F-ACC9-892E4D0D95FB}
[2011.10.16 10:05:59 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{D8D952D2-A09C-4659-8DEB-16C747893CAE}
[2011.10.16 10:05:41 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{6D528E32-4627-4DF4-87C4-32E5062A8E1E}
[2011.10.15 21:13:19 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{0F0D8C4C-DC8C-444D-82A1-F2F51F363826}
[2011.10.15 21:13:07 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{C0869174-DB09-4DD1-931A-529D4268CCEA}
[2011.10.15 09:12:43 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{5598C90A-49C5-4CB8-B364-85EC61BE2753}
[2011.10.15 09:12:02 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{B807C331-761C-41D0-8EB3-FF8C8CAE29D1}
[2011.10.14 11:46:36 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{23CD549B-24BD-4028-ABB7-591EA8CF537E}
[2011.10.14 11:46:21 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{E0A88589-5E96-40CD-8520-FE03954D684B}
[2011.10.13 10:36:59 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{8492A732-B79D-4158-8F6D-173041B4BC85}
[2011.10.13 10:36:46 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{D7F29A3B-23AE-4F4B-9DCA-07726323D48F}
[2011.10.13 02:15:10 | 000,000,000 | ---D | C] -- C:\f6d82a019516acde63b06e0cee9565
[2011.10.13 02:13:15 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.10.13 02:13:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.10.13 02:13:10 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.10.13 02:13:10 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.10.13 02:13:07 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.10.12 22:36:16 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{4B6A3637-CA20-4BBF-A91C-111DEAA279ED}
[2011.10.12 22:36:04 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{87A4809B-BD73-46CF-A55E-71F8BF140378}
[2011.10.12 17:07:11 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011.10.12 17:07:11 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011.10.12 17:07:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011.10.12 17:07:11 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011.10.12 17:07:07 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.10.12 17:06:23 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011.10.12 17:06:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011.10.12 10:35:46 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{5E6A044D-DBD2-4E89-A46F-D54172C93BB1}
[2011.10.12 10:35:33 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{2F3672E5-5634-4F31-AFEB-C0291C00C221}
[2011.10.11 22:35:01 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{90A428E9-92FA-480E-ABB9-6933F9169286}
[2011.10.11 22:34:44 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{AD9DE143-9FF8-43D2-9DC0-D6F273B353E0}
[2011.10.11 10:07:00 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{0152E413-02CD-4551-8680-37537BE64F55}
[2011.10.10 20:35:25 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{22643CD0-F7F1-46EC-9B31-288B2E7D66A4}
[2011.10.10 20:35:09 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{5B9D70F5-6561-49E7-84A8-B41536EC1FCD}
[2011.10.10 08:34:29 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{5ED54632-26DA-40AB-A54C-5FB1A3A5CE21}
[2011.10.10 08:33:51 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{2C4D5444-916E-47BA-AB4A-ED730865A031}
[2011.10.09 10:07:46 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{1859A62E-B8C3-46FD-AA13-02C15741DF46}
[2011.10.09 10:07:34 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{7C39B51C-51D8-4B59-96D5-781CC5D52210}
[2011.10.08 22:07:16 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{7479C5E8-4CA2-4885-A9BC-128AAFAD3D2B}
[2011.10.08 22:07:03 | 000,000,000 | ---D | C] -- C:\Users\Raffaele\AppData\Local\{12008424-2183-47EE-ADF4-5E2D635CB1EE}
[2009.09.02 08:30:45 | 000,180,224 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2009.09.02 08:30:43 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Raffaele\Desktop\*.tmp files -> C:\Users\Raffaele\Desktop\*.tmp -> ]
[1 C:\Users\Raffaele\*.tmp files -> C:\Users\Raffaele\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.11.07 10:23:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Raffaele\Desktop\OTL.exe
[2011.11.07 00:33:58 | 000,909,150 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.11.07 00:33:58 | 000,636,916 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.07 00:33:58 | 000,222,608 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.11.07 00:33:58 | 000,004,062 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.07 00:28:46 | 000,000,054 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011.11.07 00:28:46 | 000,000,039 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011.11.07 00:26:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.06 21:26:28 | 001,563,952 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Raffaele\Desktop\tdsskiller.exe
[2011.11.06 21:02:31 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.06 21:01:59 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Raffaele\Desktop\Hans.exe.exe
[2011.11.06 20:47:55 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.06 20:47:55 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.06 20:47:51 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.11.06 20:30:20 | 000,246,304 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.11.06 20:28:43 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.06 18:43:30 | 088,678,227 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2011.11.06 18:10:05 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.06 17:18:05 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job
[2011.11.06 13:49:01 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job
[2011.11.06 04:55:21 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job
[2011.11.06 04:31:05 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job
[2011.11.06 02:49:28 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011.10.29 01:51:55 | 343,668,827 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.10.21 21:34:44 | 000,188,416 | ---- | M] () -- C:\Users\Raffaele\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.17 16:52:17 | 000,317,931 | ---- | M] () -- C:\Users\Raffaele\Desktop\296849_300976639916184_100000115510359_1357400_765453084_n.jpg
[2011.10.14 13:01:16 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.10.13 02:45:38 | 000,438,464 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Raffaele\Desktop\*.tmp files -> C:\Users\Raffaele\Desktop\*.tmp -> ]
[1 C:\Users\Raffaele\*.tmp files -> C:\Users\Raffaele\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.11.06 21:02:31 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.17 16:48:00 | 000,317,931 | ---- | C] () -- C:\Users\Raffaele\Desktop\296849_300976639916184_100000115510359_1357400_765453084_n.jpg
[2011.07.17 15:57:23 | 000,000,680 | ---- | C] () -- C:\Users\Raffaele\AppData\Local\d3d9caps.dat
[2011.06.17 03:20:29 | 000,188,416 | ---- | C] () -- C:\Users\Raffaele\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.11 02:45:31 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.04.10 08:50:14 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.04.08 06:00:03 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2011.04.08 06:00:03 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2010.06.25 11:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2010.04.20 05:14:22 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.04.06 14:16:28 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.04.04 15:37:04 | 000,202,048 | ---- | C] () -- C:\Windows\System32\AVLibrary.dll
[2010.03.23 05:26:48 | 000,201,512 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2010.01.20 01:55:22 | 000,000,054 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2010.01.20 01:55:22 | 000,000,039 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2009.10.25 04:52:18 | 000,000,474 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009.10.25 04:52:18 | 000,000,034 | ---- | C] () -- C:\Windows\System32\bd9045cd.dat
[2009.10.25 04:52:18 | 000,000,026 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2009.09.02 17:57:49 | 000,909,150 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.09.02 17:57:49 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.09.02 17:57:49 | 000,222,608 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.09.02 17:57:49 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.09.02 12:52:39 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.02 12:52:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.02 12:51:09 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.09.02 11:05:02 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.09.02 09:43:47 | 000,246,304 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.09.02 09:43:45 | 000,246,304 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.09.02 09:11:26 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2009.09.02 08:30:43 | 001,804,160 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009.09.02 08:30:43 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2009.09.02 08:30:43 | 000,020,480 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2009.09.02 08:30:43 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2009.09.02 08:22:42 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009.09.02 08:03:53 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009.08.03 07:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 07:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2006.11.02 06:56:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 06:47:43 | 000,438,464 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 04:33:01 | 000,636,916 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 04:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 04:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 04:33:01 | 000,004,062 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 04:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 04:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 02:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 02:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 01:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.03.18 07:16:04 | 000,540,178 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2005.01.17 09:10:16 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2004.08.09 09:00:42 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[1999.10.26 18:00:00 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BAOCH06A.DAT

========== LOP Check ==========

[2009.10.30 07:48:51 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\Academic Software Zurich
[2011.10.08 15:06:02 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\benibela
[2011.06.16 11:22:49 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\Bump Technologies, Inc
[2011.03.22 11:06:31 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\com.prezi.PreziDesktop
[2011.11.05 13:36:14 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\Dropbox
[2011.08.10 00:53:30 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\DVDVideoSoft
[2011.04.21 00:00:18 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.08 05:11:32 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\FFSJ
[2010.04.07 09:58:21 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\Foxit
[2011.03.28 06:43:14 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\Foxit Software
[2009.09.02 08:16:29 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\Hewlett Packard
[2010.05.06 23:50:31 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\Hide IP NG
[2011.04.25 08:14:53 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\ImTOO
[2010.07.23 06:09:48 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\Information Factory
[2010.05.06 16:54:07 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\Mpm
[2010.04.14 08:00:14 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\NCH Swift Sound
[2009.10.06 15:37:40 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\OpenOffice.org
[2010.04.14 08:00:20 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\Recordpad
[2010.04.06 10:10:48 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\Softland
[2011.06.21 01:40:44 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\Stardock
[2011.02.02 13:16:31 | 000,000,000 | ---D | M] -- C:\Users\Raffaele\AppData\Roaming\Windows Live Writer
[2011.11.06 04:55:21 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 1).job
[2011.11.06 04:31:05 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 2).job
[2011.11.06 13:49:01 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 3).job
[2011.11.06 17:18:05 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 4).job
[2011.11.06 02:49:28 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011.11.06 20:47:51 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

Privacy Protection mit rkill und tdsskiller behandelt. Alles sauber?

Log-Analyse und Auswertung: Privacy Protection mit rkill und tdsskiller behandelt. Alles sauber?

Privacy Protection mit rkill und tdsskiller behandelt. Alles sauber?

Ähnliche Themen: Privacy Protection mit rkill und tdsskiller behandelt. Alles sauber?