mein laptop wurde von dem GEMA-Trojaner befallen. Was kann ich jetzt tun. Gescant habe ich schon. Wurde auch ein Trojaner gefunden. was kann ich jetzt tun?OTL Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
OTL logfile created on: 13.06.2012 16:36:57 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Omar-Lück\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,91 Gb Total Physical Memory | 2,70 Gb Available Physical Memory | 69,05% Memory free
7,82 Gb Paging File | 6,87 Gb Available in Paging File | 87,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,01 Gb Total Space | 412,97 Gb Free Space | 91,56% Space Free | Partition Type: NTFS
Computer Name: OMAR-LÜCK-PC | User Name: Omar-Lück | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Omar-Lück\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Mobile Partner. RunOuc) -- C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (McODS) -- C:\Programme\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (Microsoft Corporation.)
SRV - (NAUpdate) @C:\Program Files (x86) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (STacSV) -- C:\Programme\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe ()
SRV - (McAWFwk) -- c:\Programme\mcafee\msc\McAWFwk.exe (McAfee, Inc.)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (RoxWatch12) -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AESTFilters) -- C:\Programme\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (ewusbmbb) -- C:\Windows\SysNative\drivers\ewusbwwan.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (BTWAMPFL) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10026&barid={3828943B-B486-11E1-9A9E-E4D53DF0EE5C}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10026&barid={3828943B-B486-11E1-9A9E-E4D53DF0EE5C}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10026&barid={3828943B-B486-11E1-9A9E-E4D53DF0EE5C}
IE - HKCU\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10026&barid={3828943B-B486-11E1-9A9E-E4D53DF0EE5C}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Omar-Lück\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012.06.04 22:57:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.12 23:20:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012.06.02 20:34:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Omar-Lück\AppData\Roaming\mozilla\Extensions
[2012.06.12 23:20:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.06.01 17:38:43 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.01 18:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.01 18:33:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.01 18:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.01 18:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.01 18:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.01 18:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Omar-L\u00FCck\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Omar-L\u00FCck\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Omar-L\u00FCck\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Omar-L\u00FCck\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U1 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Skype Click to Call = C:\Users\Omar-Lück\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\
CHR - Extension: Yontoo = C:\Users\Omar-Lück\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\
CHR - Extension: Skype Click to Call = C:\Users\Omar-Lück\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\
CHR - Extension: Yontoo = C:\Users\Omar-Lück\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20120604225711.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120604225711.dll (McAfee, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
O4 - HKLM..\Run: [RoxWatchTray] c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [7C4E86D4] C:\Users\Omar-Lück\AppData\Roaming\Cwpkmyfmk\FD61EC087C4E86D45BDC.exe ()
O4 - HKCU..\Run: [Facebook Update] "C:\Users\Omar-Lück\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKCU..\Run: [Google Update] "C:\Users\Omar-Lück\AppData\Local\Google\Update\GoogleUpdate.exe" /c File not found
O4 - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B1ABD20-260D-42F8-AD1C-FA9AF1BE5094}: NameServer = 193.189.244.206 193.189.244.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5DFAD7F-2EC5-4560-B014-2E25D9FD281C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA64445C-7C48-43BA-80EF-BAF7AAD99417}: DhcpNameServer = 172.5.1.161
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c1ed98c6-ab62-11e1-9df7-e4d53df0ee5c}\Shell - "" = AutoRun
O33 - MountPoints2\{c1ed98c6-ab62-11e1-9df7-e4d53df0ee5c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c1ed98db-ab62-11e1-9df7-e4d53df0ee5c}\Shell - "" = AutoRun
O33 - MountPoints2\{c1ed98db-ab62-11e1-9df7-e4d53df0ee5c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.06.13 16:35:36 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Omar-Lück\Desktop\OTL.exe
[2012.06.13 16:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.06.13 14:07:38 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\ElevatedDiagnostics
[2012.06.13 12:47:42 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Cwpkmyfmk
[2012.06.12 23:33:28 | 008,769,696 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2012.06.12 23:24:54 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012.06.12 23:20:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.06.12 23:14:24 | 000,000,000 | ---D | C] -- C:\PFiles
[2012.06.12 21:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.06.12 21:20:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.06.12 21:20:56 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.06.12 14:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2012.06.12 14:00:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2012.06.12 14:00:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2012.06.12 14:00:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012.06.12 14:00:02 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
[2012.06.12 14:00:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FLVPlayer
[2012.06.12 13:03:11 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\{CF369C60-B6ED-4DDF-A372-D175B1062D8F}
[2012.06.12 13:02:55 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\{81ECB7DC-86A0-4C14-81F1-BB6083D77AE7}
[2012.06.11 22:08:51 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\{E50ACCF0-8CCC-4DC6-A5A0-A06A5C12B82E}
[2012.06.11 22:08:30 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\{E8BC0301-8CEC-4090-A678-521A9D8BB474}
[2012.06.11 02:01:11 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.06.10 23:47:52 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\{6E56E486-1AFC-4228-8D3E-AA84F93C995F}
[2012.06.10 23:47:42 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\{A0588A41-BA9D-44CD-BCA7-922D071F69F0}
[2012.06.10 13:33:45 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\{796F87E9-9FFE-4F30-838C-B7D47AC5A47F}
[2012.06.10 13:33:28 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\{22C03F8C-C7DE-4D41-BD86-8CEFEA164B7D}
[2012.06.10 00:52:33 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\{1C7D250F-29D2-4E9A-B3C5-EBA41FC2327B}
[2012.06.10 00:52:23 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\{81B677CB-933B-4881-8B4B-69B696AF7756}
[2012.06.09 21:15:31 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\{7617E4C5-FC84-4D80-BEFA-AACA44921EC0}
[2012.06.09 21:14:59 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\{009463D2-0E4B-4CF4-827A-24DC6EDB2D0B}
[2012.06.09 13:56:28 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Windows Live
[2012.06.09 13:56:10 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\{FE402D59-D61D-4D06-9F58-EDEA7E6CDBDC}
[2012.06.09 03:38:39 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\IDT
[2012.06.08 23:56:19 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\Tracing
[2012.06.06 19:54:49 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Facebook
[2012.06.05 13:31:45 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012.06.05 13:31:15 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2012.06.04 22:57:11 | 000,010,248 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeclnk.sys
[2012.06.04 22:57:10 | 000,162,192 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\mfevtps.exe
[2012.06.04 22:57:05 | 000,289,664 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfewfpk.sys
[2012.06.04 22:57:02 | 000,647,208 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfehidk.sys
[2012.06.04 22:57:02 | 000,100,912 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mferkdet.sys
[2012.06.04 22:57:00 | 000,487,296 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfefirek.sys
[2012.06.04 22:56:58 | 000,229,528 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeavfk.sys
[2012.06.04 22:56:57 | 000,160,792 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeapfk.sys
[2012.06.04 22:56:54 | 000,065,264 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\cfwids.sys
[2012.06.04 03:19:32 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012.06.04 03:19:32 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012.06.04 03:19:31 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012.06.04 03:19:31 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012.06.04 03:19:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012.06.04 03:19:31 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012.06.04 03:19:30 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012.06.04 03:19:30 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012.06.04 03:19:30 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012.06.04 03:19:29 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012.06.04 03:19:29 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012.06.04 03:09:34 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll
[2012.06.04 03:09:34 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fs_rec.sys
[2012.06.04 03:09:33 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2012.06.04 00:15:41 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2012.06.04 00:15:26 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2012.06.04 00:15:26 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2012.06.04 00:15:23 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2012.06.04 00:15:23 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2012.06.04 00:15:23 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2012.06.04 00:15:22 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2012.06.04 00:15:13 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntshrui.dll
[2012.06.04 00:15:07 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2012.06.04 00:15:07 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2012.06.04 00:15:06 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2012.06.04 00:15:06 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2012.06.04 00:15:06 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2012.06.04 00:15:06 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2012.06.04 00:15:04 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2012.06.04 00:15:02 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\timedate.cpl
[2012.06.04 00:15:02 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\timedate.cpl
[2012.06.04 00:15:00 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2012.06.04 00:14:59 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2012.06.04 00:14:58 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2012.06.04 00:14:56 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2012.06.04 00:14:55 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2012.06.04 00:13:21 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcrt.dll
[2012.06.04 00:13:16 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2012.06.04 00:13:16 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2012.06.04 00:13:15 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2012.06.04 00:13:12 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2012.06.04 00:13:12 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2012.06.04 00:09:02 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2012.06.04 00:09:00 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2012.06.04 00:09:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2012.06.03 18:40:44 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\WildTangentv1000
[2012.06.03 18:28:55 | 000,000,000 | ---D | C] -- C:\ProgramData\HipSoft
[2012.06.02 20:34:44 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Mozilla
[2012.06.02 20:34:44 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Mozilla
[2012.06.02 20:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.06.02 20:34:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.06.02 15:08:37 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Diagnostics
[2012.06.02 03:52:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012.06.01 22:47:09 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Google
[2012.06.01 22:46:25 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Deployment
[2012.06.01 22:46:25 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Apps
[2012.06.01 21:17:26 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe
[2012.06.01 21:17:18 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2012.06.01 18:51:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Mobile Partner
[2012.06.01 18:51:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner
[2012.06.01 18:50:47 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WdfCoInstaller01007.dll
[2012.06.01 18:50:47 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdfCoInstaller01007.dll
[2012.06.01 18:50:47 | 001,001,472 | ---- | C] (DiBcom SA) -- C:\windows\SysNative\drivers\mod7700.sys
[2012.06.01 18:50:47 | 000,421,376 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ewusbwwan.sys
[2012.06.01 18:50:47 | 000,221,312 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ewusbmdm.sys
[2012.06.01 18:50:47 | 000,212,992 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_juwwanecm.sys
[2012.06.01 18:50:47 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_hwusbdev.sys
[2012.06.01 18:50:47 | 000,098,816 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_jucdcacm.sys
[2012.06.01 18:50:47 | 000,086,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_jubusenum.sys
[2012.06.01 18:50:47 | 000,069,632 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_jucdcecm.sys
[2012.06.01 18:50:47 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\windows\SysNative\drivers\ewdcsc.sys
[2012.06.01 18:50:47 | 000,028,672 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_juextctrl.sys
[2012.06.01 18:50:47 | 000,022,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_hwupgrade.sys
[2012.06.01 18:50:47 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_usbenumfilter.sys
[2012.06.01 18:50:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobile Partner
[2012.06.01 18:43:43 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService
[2012.06.01 12:30:07 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
[2012.05.31 23:44:16 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\PlayFirst
[2012.05.31 23:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayFirst
[2012.05.31 22:59:46 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Reallusion
[2012.05.31 21:33:45 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Skype
[2012.05.31 20:55:18 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Windows Live Writer
[2012.05.31 20:55:18 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Windows Live Writer
[2012.05.31 20:22:13 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Nero_AG
[2012.05.31 20:22:06 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\SyncUP
[2012.05.31 20:21:13 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\Mein Backup Datei
[2012.05.31 20:14:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2012.05.31 20:13:23 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Powercinema
[2012.05.31 20:12:35 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012.05.31 20:12:33 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\CyberLink
[2012.05.31 20:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft
[2012.05.31 20:11:08 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\ArcSoft
[2012.05.31 20:07:09 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\PCDr
[2012.05.31 20:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2012.05.31 20:05:22 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\ZinioReader4
[2012.05.31 20:05:08 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Adobe
[2012.05.31 20:05:07 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Adobe
[2012.05.31 20:05:05 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Nero
[2012.05.31 20:05:03 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Nero
[2012.05.31 20:04:40 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\Desktop\MySyncUPFiles
[2012.05.31 20:03:52 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Fingertapps
[2012.05.31 20:03:51 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Dell
[2012.05.31 20:03:48 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Broadcom
[2012.05.31 20:03:48 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\Documents\Bluetooth-Exchange-Ordner
[2012.05.31 20:03:43 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Intel Corporation
[2012.05.31 20:03:41 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Dell Touch Zone
[2012.05.31 20:03:33 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Dell
[2012.05.31 20:03:31 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Roxio
[2012.05.31 20:03:28 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Creative
[2012.05.31 20:03:25 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Leadertech
[2012.05.31 20:03:04 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.05.31 20:03:04 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\Searches
[2012.05.31 20:03:04 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.05.31 20:02:56 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Identities
[2012.05.31 20:02:53 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\Contacts
[2012.05.31 20:02:51 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\VirtualStore
[2012.05.31 19:55:38 | 000,000,000 | --SD | C] -- C:\Users\Omar-Lück\AppData\Roaming\Microsoft
[2012.05.31 19:55:38 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\Videos
[2012.05.31 19:55:38 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\Desktop\Spiele spielen
[2012.05.31 19:55:38 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\Saved Games
[2012.05.31 19:55:38 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\Pictures
[2012.05.31 19:55:38 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\Music
[2012.05.31 19:55:38 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.05.31 19:55:38 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\Links
[2012.05.31 19:55:38 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\Favorites
[2012.05.31 19:55:38 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\Downloads
[2012.05.31 19:55:38 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\Documents
[2012.05.31 19:55:38 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\Desktop
[2012.05.31 19:55:38 | 000,000,000 | R--D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\Vorlagen
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\AppData\Local\Verlauf
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\AppData\Local\Temporary Internet Files
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\Startmenü
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\SendTo
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\Recent
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\Netzwerkumgebung
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\Lokale Einstellungen
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\Documents\Eigene Videos
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\Documents\Eigene Musik
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\Eigene Dateien
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\Documents\Eigene Bilder
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\Druckumgebung
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\Cookies
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\AppData\Local\Anwendungsdaten
[2012.05.31 19:55:38 | 000,000,000 | -HSD | C] -- C:\Users\Omar-Lück\Anwendungsdaten
[2012.05.31 19:55:38 | 000,000,000 | -H-D | C] -- C:\Users\Omar-Lück\AppData
[2012.05.31 19:55:38 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Temp
[2012.05.31 19:55:38 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\SoftThinks
[2012.05.31 19:55:38 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Local\Microsoft
[2012.05.31 19:55:38 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Media Center Programs
[2012.05.31 19:55:38 | 000,000,000 | ---D | C] -- C:\Users\Omar-Lück\AppData\Roaming\Macromedia
[2012.05.31 19:55:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.05.31 19:55:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.05.31 19:55:32 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.05.31 19:55:32 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.05.31 19:55:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.05.31 19:55:32 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.05.31 19:55:32 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.05.31 19:55:32 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.05.31 19:55:32 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.05.31 19:55:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.05.31 19:55:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
========== Files - Modified Within 30 Days ==========
[2012.06.13 16:33:29 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Omar-Lück\Desktop\OTL.exe
[2012.06.13 16:15:12 | 001,612,484 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012.06.13 16:15:12 | 000,696,620 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2012.06.13 16:15:12 | 000,651,938 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012.06.13 16:15:12 | 000,147,916 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2012.06.13 16:15:12 | 000,120,870 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012.06.13 16:10:34 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.06.13 16:10:18 | 3149,086,720 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.13 14:49:38 | 000,019,470 | ---- | M] () -- C:\Users\Omar-Lück\Desktop\attachment.php
[2012.06.13 13:59:00 | 000,000,944 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-415561047-328407582-3016246560-1000UA.job
[2012.06.13 13:56:54 | 000,020,720 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.13 13:56:54 | 000,020,720 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.13 13:33:01 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012.06.13 13:04:00 | 000,001,136 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-415561047-328407582-3016246560-1000UA.job
[2012.06.13 12:55:32 | 000,001,084 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-415561047-328407582-3016246560-1000Core.job
[2012.06.13 12:55:32 | 000,000,506 | ---- | M] () -- C:\windows\tasks\SystemToolsDailyTest.job
[2012.06.13 12:52:14 | 000,089,075 | ---- | M] () -- C:\Users\Omar-Lück\Desktop\locked-551577_4103517105273_1491520161_n.jpg.mfne
[2012.06.13 12:52:14 | 000,070,502 | ---- | M] () -- C:\Users\Omar-Lück\Desktop\locked-11766_4103514705213_2064503942_n.jpg.yepw
[2012.06.13 12:52:14 | 000,053,778 | ---- | M] () -- C:\Users\Omar-Lück\Desktop\locked-562233_10150964045944797_1376476647_n.jpg.kmky
[2012.06.13 12:52:14 | 000,000,228 | ---- | M] () -- C:\Users\Omar-Lück\Desktop\locked-SweetPcFix.url.mmdz
[2012.06.13 12:51:44 | 000,000,017 | ---- | M] () -- C:\Users\Omar-Lück\AppData\Local\locked-resmon.resmoncfg.ogud
[2012.06.13 12:48:22 | 000,004,177 | ---- | M] () -- C:\locked-dell.sdr.fotf
[2012.06.13 12:48:15 | 000,008,192 | ---- | M] () -- C:\locked-BOOTSECT.BAK.xnxd
[2012.06.12 23:33:36 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012.06.12 23:33:36 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.06.12 23:33:28 | 008,769,696 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2012.06.12 23:20:26 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.12 20:38:13 | 000,000,922 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-415561047-328407582-3016246560-1000Core.job
[2012.06.12 14:00:02 | 000,001,023 | ---- | M] () -- C:\Users\Omar-Lück\Desktop\FLV Player.lnk
[2012.06.06 22:29:13 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.06.05 15:26:37 | 000,000,564 | ---- | M] () -- C:\windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.06.04 03:47:39 | 000,319,144 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012.06.04 03:14:17 | 001,590,378 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012.06.01 18:51:01 | 000,001,081 | ---- | M] () -- C:\Users\Public\Desktop\Mobile Partner.lnk
[2012.06.01 18:50:49 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2012.06.01 18:50:26 | 001,001,472 | ---- | M] (DiBcom SA) -- C:\windows\SysNative\drivers\mod7700.sys
[2012.06.01 18:50:26 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_usbenumfilter.sys
[2012.06.01 18:50:25 | 000,421,376 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ewusbwwan.sys
[2012.06.01 18:50:25 | 000,221,312 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ewusbmdm.sys
[2012.06.01 18:50:25 | 000,212,992 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_juwwanecm.sys
[2012.06.01 18:50:25 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_hwusbdev.sys
[2012.06.01 18:50:25 | 000,098,816 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_jucdcacm.sys
[2012.06.01 18:50:25 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_jubusenum.sys
[2012.06.01 18:50:25 | 000,069,632 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_jucdcecm.sys
[2012.06.01 18:50:25 | 000,032,768 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\windows\SysNative\drivers\ewdcsc.sys
[2012.06.01 18:50:25 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_juextctrl.sys
[2012.06.01 18:50:25 | 000,022,016 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ew_hwupgrade.sys
[2012.06.01 18:50:24 | 001,490,656 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WdfCoInstaller01007.dll
[2012.06.01 18:50:24 | 001,490,656 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdfCoInstaller01007.dll
[2012.05.31 19:58:29 | 000,159,772 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2012.05.31 19:58:29 | 000,159,772 | ---- | M] () -- C:\windows\SysNative\license.rtf
========== Files Created - No Company Name ==========
[2012.06.13 14:49:38 | 000,019,470 | ---- | C] () -- C:\Users\Omar-Lück\Desktop\attachment.php
[2012.06.12 23:24:54 | 000,000,884 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012.06.12 23:20:26 | 000,001,132 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.12 23:20:25 | 000,001,144 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.06.12 14:00:26 | 000,000,228 | ---- | C] () -- C:\Users\Omar-Lück\Desktop\locked-SweetPcFix.url.mmdz
[2012.06.12 14:00:02 | 000,001,023 | ---- | C] () -- C:\Users\Omar-Lück\Desktop\FLV Player.lnk
[2012.06.11 01:59:24 | 000,001,136 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-415561047-328407582-3016246560-1000UA.job
[2012.06.11 01:59:24 | 000,001,084 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-415561047-328407582-3016246560-1000Core.job
[2012.06.06 22:29:13 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.06.06 22:24:38 | 000,070,502 | ---- | C] () -- C:\Users\Omar-Lück\Desktop\locked-11766_4103514705213_2064503942_n.jpg.yepw
[2012.06.06 22:21:50 | 000,089,075 | ---- | C] () -- C:\Users\Omar-Lück\Desktop\locked-551577_4103517105273_1491520161_n.jpg.mfne
[2012.06.06 19:54:56 | 000,000,944 | ---- | C] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-415561047-328407582-3016246560-1000UA.job
[2012.06.06 19:54:55 | 000,000,922 | ---- | C] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-415561047-328407582-3016246560-1000Core.job
[2012.06.06 01:24:43 | 000,053,778 | ---- | C] () -- C:\Users\Omar-Lück\Desktop\locked-562233_10150964045944797_1376476647_n.jpg.kmky
[2012.06.05 13:31:59 | 000,000,564 | ---- | C] () -- C:\windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.06.05 13:31:55 | 000,000,506 | ---- | C] () -- C:\windows\tasks\SystemToolsDailyTest.job
[2012.06.01 18:51:01 | 000,001,081 | ---- | C] () -- C:\Users\Public\Desktop\Mobile Partner.lnk
[2012.06.01 18:50:49 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2012.05.31 21:03:04 | 000,000,017 | ---- | C] () -- C:\Users\Omar-Lück\AppData\Local\locked-resmon.resmoncfg.ogud
[2012.05.31 20:03:11 | 000,001,407 | ---- | C] () -- C:\Users\Omar-Lück\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.05.31 20:03:06 | 000,001,441 | ---- | C] () -- C:\Users\Omar-Lück\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.05.31 20:02:44 | 000,001,975 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hilfedokumentation von Dell.lnk
[2012.02.11 17:42:38 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2012.02.11 17:42:37 | 000,216,876 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2012.02.11 17:42:36 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2012.02.11 16:30:10 | 000,017,776 | ---- | C] () -- C:\windows\EvtMessage.dll
[2011.11.16 22:49:04 | 000,000,096 | ---- | C] () -- C:\windows\LaunApp.ini
[2011.11.16 22:49:01 | 000,000,324 | ---- | C] () -- C:\windows\Prelaunch.ini
[2011.11.16 22:49:01 | 000,000,271 | ---- | C] () -- C:\windows\WisPriority.ini
[2011.11.16 22:49:01 | 000,000,035 | ---- | C] () -- C:\windows\DELL_LANGCODE.ini
[2011.11.16 22:49:01 | 000,000,033 | ---- | C] () -- C:\windows\DELL_OSTYPE.ini
[2011.11.16 22:49:01 | 000,000,032 | ---- | C] () -- C:\windows\WisHWDest.ini
[2011.11.16 22:49:01 | 000,000,028 | ---- | C] () -- C:\windows\WisLangCode.ini
[2011.11.16 22:49:01 | 000,000,023 | ---- | C] () -- C:\windows\WisSysInfo.ini
[2011.11.16 21:25:01 | 001,590,378 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
========== LOP Check ==========
[2012.06.13 12:47:42 | 000,000,000 | ---D | M] -- C:\Users\Omar-Lück\AppData\Roaming\Cwpkmyfmk
[2012.05.31 20:03:52 | 000,000,000 | ---D | M] -- C:\Users\Omar-Lück\AppData\Roaming\Fingertapps
[2012.06.09 03:38:39 | 000,000,000 | ---D | M] -- C:\Users\Omar-Lück\AppData\Roaming\IDT
[2012.05.31 20:03:25 | 000,000,000 | ---D | M] -- C:\Users\Omar-Lück\AppData\Roaming\Leadertech
[2012.06.05 13:29:37 | 000,000,000 | ---D | M] -- C:\Users\Omar-Lück\AppData\Roaming\PCDr
[2012.05.31 23:44:16 | 000,000,000 | ---D | M] -- C:\Users\Omar-Lück\AppData\Roaming\PlayFirst
[2012.06.03 23:23:14 | 000,000,000 | ---D | M] -- C:\Users\Omar-Lück\AppData\Roaming\WildTangentv1000
[2012.05.31 20:55:18 | 000,000,000 | ---D | M] -- C:\Users\Omar-Lück\AppData\Roaming\Windows Live Writer
[2012.05.31 20:05:22 | 000,000,000 | ---D | M] -- C:\Users\Omar-Lück\AppData\Roaming\ZinioReader4
[2012.06.12 20:38:13 | 000,000,922 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-415561047-328407582-3016246560-1000Core.job
[2012.06.13 13:59:00 | 000,000,944 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-415561047-328407582-3016246560-1000UA.job
[2012.06.05 15:26:37 | 000,000,564 | ---- | M] () -- C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2009.07.14 07:08:49 | 000,011,720 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2012.06.13 12:55:32 | 000,000,506 | ---- | M] () -- C:\windows\Tasks\SystemToolsDailyTest.job
========== Purity Check ==========
< End of report >
13.06.2012, 16:18
Baum-Darstellung