| olafs1969 | 29.08.2012 21:56 |
Habe die CD inzw. schon 3 x neu gebrannt. Beim letzten Mal auch beide Links nochmal neu runtergeladen, für den Fall, dass dabei was schief gelaufen ist. Ergebnis - auch mit F12 kein anderes Ergebnis; wobei ich mit F2 schon ins Phoenix Bios reinkam.
Hat denn das Log, dass ich angehangen hatte nix gebracht; wie gesagt - ein zweites hat OTLPE nicht erzeugt...
Ich glaube ich hab's jetzt; hier zunächt das Log des OTL:OTL Logfile: Code:
OTL logfile created on: 31.08.2012 00:21:00 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Olaf Schaefer\Documents\4 - Privat\Downloads\Tech Stuff
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,80 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 53,04% Memory free
7,60 Gb Paging File | 5,28 Gb Available in Paging File | 69,51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449,55 Gb Total Space | 334,47 Gb Free Space | 74,40% Space Free | Partition Type: NTFS
Computer Name: OLAFSCHAEFER-LA | User Name: Olaf Schaefer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Olaf Schaefer\Documents\4 - Privat\Downloads\Tech Stuff\OTL.exe (OldTimer Tools)
PRC - c:\PROGRA~2\mcafee\SITEAD~1\saui.exe (McAfee, Inc.)
PRC - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
PRC - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe ()
PRC - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe ()
PRC - C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe (Atheros)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
PRC - C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe (ESET)
PRC - C:\Program Files (x86)\TheGreenBow\TheGreenBow VPN\vpnconf.exe (TheGreenBow)
PRC - C:\Program Files (x86)\TheGreenBow\TheGreenBow VPN\tgbike.exe (TheGreenBow)
PRC - C:\Windows\SysWOW64\TgbStarter.exe (TheGreenBow)
PRC - C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\PhraseExpress\pexlang.dll ()
MOD - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe ()
MOD - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe ()
MOD - C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (Samsung Network Fax Server) -- C:\Windows\SysNative\spool\drivers\x64\3\NetFaxServer64.exe (Samsung Electronics Co., Ltd.)
SRV - (McODS) -- C:\Programme\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (ZAtheros Wlan Agent) -- C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe (Atheros)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (Live Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
SRV - (TgbIke Starter) -- C:\Windows\SysWOW64\TgbStarter.exe (TheGreenBow)
SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. )
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (McAWFwk) -- c:\Programme\mcafee\msc\McAWFwk.exe (McAfee, Inc.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Samsung Network Fax Server) -- C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe (Samsung Electronics Co., Ltd.)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (ctxusbm) -- C:\Windows\SysNative\drivers\ctxusbm.sys (Citrix Systems, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (RSBASTOR) -- C:\Windows\SysNative\drivers\RtsBaStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (ndistgb) -- C:\Windows\SysNative\drivers\ndistgb.sys (TheGreenBow)
DRV:64bit: - (TgbIpSec) -- C:\Windows\SysNative\drivers\DfilterVPN.sys (TheGreenBow)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (npf) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SSPORT) -- C:\Windows\SysNative\drivers\SSPORT.sys (Samsung Electronics)
DRV:64bit: - (DgiVecp) -- C:\Windows\SysNative\drivers\DgivEcp.sys (Samsung Electronics Co., Ltd.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (h648103) -- C:\Windows\SysNative\drivers\h648103.sys (Your Corporation)
DRV:64bit: - (h648101) -- C:\Windows\SysNative\drivers\h648101.sys (Your Corporation)
DRV:64bit: - (h647906) -- C:\Windows\SysNative\drivers\h647906.sys (Your Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (SSPORT) -- C:\Windows\SysWOW64\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (hid8101) -- C:\Windows\SysWOW64\drivers\hid8101.sys (Your Corporation)
DRV - (hid8103) -- C:\Windows\SysWOW64\drivers\hid8103.sys (Your Corporation)
DRV - (hid7906) -- C:\Windows\SysWOW64\drivers\hid7906.sys (Your Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1503496351-805552673-617649127-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1503496351-805552673-617649127-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-1503496351-805552673-617649127-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-1503496351-805552673-617649127-1001\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1503496351-805552673-617649127-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1503496351-805552673-617649127-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.08.30 22:45:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012.07.28 12:19:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.26 19:07:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012.07.26 19:09:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olaf Schaefer\AppData\Roaming\mozilla\Extensions
[2012.08.30 22:51:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olaf Schaefer\AppData\Roaming\mozilla\Firefox\Profiles\80ua2q6w.default\extensions
[2012.07.26 19:07:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
File not found (No name found) -- C:\PROGRAM FILES (X86)\FREEMAKE\FREEMAKE VIDEO DOWNLOADER\BROWSERPLUGIN\FIREFOX
[2012.08.30 22:45:32 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20120726155421.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120727201203.dll (McAfee, Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [InstantUpdate] C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TgbVpn] C:\Program Files (x86)\TheGreenBow\TheGreenBow VPN\vpnconf.exe (TheGreenBow)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1503496351-805552673-617649127-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1503496351-805552673-617649127-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1503496351-805552673-617649127-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: SmarThru4 Als HTML speichern - C:\Program Files (x86)\SmarThru 4\WebCapture.dll1.htm File not found
O8:64bit: - Extra context menu item: SmarThru4 Auswahl erfassen - C:\Program Files (x86)\SmarThru 4\WebCapture.dll2.htm File not found
O8:64bit: - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll2.htm File not found
O8:64bit: - Extra context menu item: SmarThru4 Markierten Text speichern - C:\Program Files (x86)\SmarThru 4\WebCapture.dll.htm File not found
O8:64bit: - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll1.htm File not found
O8:64bit: - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll.htm File not found
O8:64bit: - Extra context menu item: SmarThru4 Web Capture - C:\Program Files (x86)\SmarThru 4\WebCapture.dll File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: SmarThru4 Als HTML speichern - C:\Program Files (x86)\SmarThru 4\WebCapture.dll1.htm File not found
O8 - Extra context menu item: SmarThru4 Auswahl erfassen - C:\Program Files (x86)\SmarThru 4\WebCapture.dll2.htm File not found
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll2.htm File not found
O8 - Extra context menu item: SmarThru4 Markierten Text speichern - C:\Program Files (x86)\SmarThru 4\WebCapture.dll.htm File not found
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll1.htm File not found
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files (x86)\SmarThru 4\x64\WebCapture.dll.htm File not found
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files (x86)\SmarThru 4\WebCapture.dll File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB6FB8E1-1F8D-429A-B8F3-36316D323CDD}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll) - C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
MsConfig:64bit - StartUpReg: Dolby Advanced Audio v2 - hkey= - key= - C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
========== Files/Folders - Created Within 30 Days ==========
[2012.08.30 23:37:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.08.30 22:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.08.29 23:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LSoft Technologies
[2012.08.29 23:15:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
[2012.08.29 23:14:31 | 000,000,000 | ---D | C] -- C:\Users\Olaf Schaefer\Desktop\Fixes 2908
[2012.08.29 17:05:33 | 000,000,000 | ---D | C] -- C:\Users\Olaf Schaefer\AppData\Roaming\Malwarebytes
[2012.08.29 17:05:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.29 17:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.29 17:05:10 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.29 17:05:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.26 13:40:24 | 000,000,000 | ---D | C] -- C:\Users\Olaf Schaefer\dwhelper
[2012.08.26 12:58:25 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012.08.26 12:58:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2012.08.26 12:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012.08.26 12:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2012.08.24 21:40:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2012.08.18 18:44:12 | 000,000,000 | ---D | C] -- C:\Users\Olaf Schaefer\AppData\Local\Diagnostics
[2012.08.16 07:15:58 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.16 07:15:57 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.16 07:15:57 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.16 07:15:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.16 07:15:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.16 07:15:55 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.16 07:15:55 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.16 07:15:55 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.16 07:15:55 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.16 07:15:55 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.16 07:15:54 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.16 07:15:53 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.16 07:15:53 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.15 19:05:24 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.08.15 19:05:19 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.08.15 19:05:19 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.08.15 19:05:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.08.15 19:05:16 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.15 19:05:16 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.15 19:05:15 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.15 19:05:09 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.15 18:55:34 | 000,000,000 | ---D | C] -- C:\Users\Olaf Schaefer\Application Data
[2012.08.15 12:09:58 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2012.08.15 12:09:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake
[2012.08.15 12:08:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake
[2012.08.10 00:52:21 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.08.08 13:50:47 | 000,000,000 | --SD | C] -- C:\Users\Olaf Schaefer\Documents\Meine Datenquellen
[2012.08.06 20:28:54 | 000,000,000 | ---D | C] -- C:\Users\Olaf Schaefer\AppData\Local\XING Connector
[2012.08.06 20:23:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XING Connector
[2012.08.02 11:24:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012.08.01 14:55:16 | 000,474,624 | ---- | C] (Samsung Software Center) -- C:\Windows\prinst.exe
[2012.08.01 14:54:49 | 000,229,888 | R--- | C] (Samsung Electronics Co., Ltd.) -- C:\Windows\SysNative\NetFaxPort64.dll
[2012.08.01 14:54:37 | 000,081,920 | ---- | C] (Samsung Electronics) -- C:\Windows\SysWow64\ssdevm.dll
[2012.08.01 14:53:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SRC Shared
[2012.08.01 14:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. Anwendungen
[2012.08.01 14:51:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Readiris10
[2012.08.01 14:51:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmarThru 4
[2012.08.01 14:49:31 | 000,138,776 | R--- | C] (TWAIN Working Group) -- C:\Windows\SysWow64\TWAINDSM.dll
[2012.08.01 14:49:27 | 000,000,000 | ---D | C] -- C:\Program Files\Scan Assistant
[2012.08.01 14:48:53 | 000,000,000 | ---D | C] -- C:\Users\Olaf Schaefer\AppData\Local\S2PC
[2012.08.01 14:47:48 | 000,000,000 | ---D | C] -- C:\Users\Olaf Schaefer\AppData\Roaming\InstallShield
[2012.08.01 14:47:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SamsungPrinterLiveUpdate
[2012.08.01 14:47:44 | 000,000,000 | ---D | C] -- C:\Windows\Samsung
[2012.08.01 14:42:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2012.08.01 14:42:12 | 000,011,576 | ---- | C] (Samsung Electronics) -- C:\Windows\SysWow64\drivers\SSPORT.SYS
[2012.08.01 14:18:48 | 000,053,816 | R--- | C] (Samsung Electronics Co., Ltd.) -- C:\Windows\SysNative\drivers\DgivEcp.sys
[2012.08.01 14:18:41 | 000,533,504 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTRVW13N.OCX
[2012.08.01 14:18:41 | 000,465,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTRPR13n.DLL
[2012.08.01 14:18:40 | 000,931,840 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTR13N.DLL
[2012.08.01 14:18:40 | 000,326,144 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTRIO13N.DLL
[2012.08.01 14:18:39 | 000,760,320 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltocx13n.ocx
[2012.08.01 14:18:39 | 000,187,392 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lfpng13s.dll
[2012.08.01 14:18:39 | 000,087,552 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpsd13s.dll
[2012.08.01 14:18:39 | 000,086,528 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lffax13s.dll
[2012.08.01 14:18:39 | 000,073,728 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lffax13n.dll
[2012.08.01 14:18:39 | 000,043,008 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFPNM13s.dll
[2012.08.01 14:18:39 | 000,040,448 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfiff13s.dll
[2012.08.01 14:18:39 | 000,032,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfitg13s.dll
[2012.08.01 14:18:39 | 000,032,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfimg13s.dll
[2012.08.01 14:18:39 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfiff13n.dll
[2012.08.01 14:18:39 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfimg13n.dll
[2012.08.01 14:18:39 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfitg13n.dll
[2012.08.01 14:18:38 | 000,406,016 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFCMP13s.DLL
[2012.08.01 14:18:38 | 000,249,856 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFJ2K13s.dll
[2012.08.01 14:18:38 | 000,152,064 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lftif13s.dll
[2012.08.01 14:18:38 | 000,099,840 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfjbg13s.dll
[2012.08.01 14:18:38 | 000,057,856 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfeps13s.dll
[2012.08.01 14:18:38 | 000,044,032 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lttwn13n.dll
[2012.08.01 14:18:38 | 000,043,008 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfbmp13s.dll
[2012.08.01 14:18:38 | 000,037,888 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcx13s.dll
[2012.08.01 14:18:38 | 000,037,376 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfclp13s.dll
[2012.08.01 14:18:38 | 000,036,864 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfani13s.dll
[2012.08.01 14:18:38 | 000,032,256 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcd13s.dll
[2012.08.01 14:18:38 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfmsp13s.dll
[2012.08.01 14:18:38 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfavi13s.dll
[2012.08.01 14:18:37 | 001,693,696 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTCLR13n.dll
[2012.08.01 14:18:37 | 000,246,272 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFJ2K13n.dll
[2012.08.01 14:18:37 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\SysWow64\PCDLIB32.DLL
[2012.08.01 14:18:37 | 000,206,848 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltefx13n.dll
[2012.08.01 14:18:37 | 000,182,784 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lfpng13n.dll
[2012.08.01 14:18:37 | 000,158,720 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Ltpnt13n.dll
[2012.08.01 14:18:37 | 000,114,176 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTOCR13n.dll
[2012.08.01 14:18:37 | 000,077,312 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTTLB13n.dll
[2012.08.01 14:18:37 | 000,069,632 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltbar13n.dll
[2012.08.01 14:18:37 | 000,067,072 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltpdg13n.dll
[2012.08.01 14:18:37 | 000,047,616 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfeps13n.dll
[2012.08.01 14:18:37 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfclp13n.dll
[2012.08.01 14:18:37 | 000,026,624 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcx13n.dll
[2012.08.01 14:18:37 | 000,025,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfani13n.dll
[2012.08.01 14:18:37 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcd13n.dll
[2012.08.01 14:18:37 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfavi13n.dll
[2012.08.01 14:18:36 | 000,389,120 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFCMP13n.DLL
[2012.08.01 14:18:36 | 000,142,848 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lftif13n.dll
[2012.08.01 14:18:36 | 000,090,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfjbg13n.dll
[2012.08.01 14:18:36 | 000,057,344 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpsd13n.dll
[2012.08.01 14:18:36 | 000,032,256 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lttmb13n.dll
[2012.08.01 14:18:36 | 000,031,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFPNM13n.dll
[2012.08.01 14:18:36 | 000,030,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfbmp13n.dll
[2012.08.01 14:18:36 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfmsp13n.dll
[2012.08.01 14:18:35 | 000,453,120 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltkrn13n.dll
[2012.08.01 14:18:35 | 000,445,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltimg13n.dll
[2012.08.01 14:18:35 | 000,265,216 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTDIS13n.dll
[2012.08.01 14:18:34 | 001,402,368 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltdlg13n.dll
[2012.08.01 14:18:34 | 001,009,664 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Ltwvc13n.dll
[2012.08.01 14:18:34 | 000,154,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltfil13n.DLL
[2012.08.01 14:18:34 | 000,051,712 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltlst13n.dll
[2012.08.01 14:18:33 | 000,146,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mfcoleui.dll
[2012.08.01 13:33:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
[2012.08.01 13:32:59 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml2.dll
[2012.08.01 13:32:59 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4r.dll
[2012.08.01 13:32:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2012.08.01 13:32:59 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml2r.dll
[2012.08.01 13:32:59 | 000,021,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml2a.dll
[2012.08.01 13:32:20 | 000,256,000 | ---- | C] (SEC) -- C:\Windows\SysNative\SIPDUtil.dll
[2012.08.01 13:32:20 | 000,161,448 | ---- | C] (Samsung Electronics CO., LTD.) -- C:\Windows\SysNative\SUPDSvc.exe
[2012.08.01 13:32:20 | 000,157,352 | ---- | C] (Samsung Electronics CO., LTD.) -- C:\Windows\SysNative\SUPDSvcA.dll
[2012.08.01 13:32:19 | 000,151,552 | ---- | C] (SS) -- C:\Windows\SysNative\spd__ci.exe
[2012.08.01 13:32:19 | 000,089,600 | ---- | C] (SS) -- C:\Windows\SysNative\spd__ci.dll
[2012.08.01 13:32:04 | 000,000,000 | ---D | C] -- C:\Temp
[2012.08.01 12:49:17 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012.08.01 12:47:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.08.01 12:47:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.08.01 12:47:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012.08.01 12:46:17 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.08.01 12:46:05 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.08.01 12:46:05 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.08.01 12:45:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.08.01 12:42:15 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.08.01 12:42:15 | 000,687,544 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.08.01 12:27:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElsterFormular
========== Files - Modified Within 30 Days ==========
[2012.08.31 00:11:08 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.31 00:00:18 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job
[2012.08.30 23:46:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.30 23:19:49 | 000,001,850 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\McAfee Internet Security Suite.lnk
[2012.08.30 22:53:12 | 000,024,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 22:53:12 | 000,024,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 22:45:47 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.30 22:45:47 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012.08.30 22:45:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.30 22:45:40 | 3060,473,856 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.30 21:48:22 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.30 21:48:22 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.30 21:48:22 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.30 21:48:22 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.30 21:48:22 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.29 17:05:12 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.22 12:22:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012.08.21 19:15:19 | 000,012,951 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\120821_V1_FRR Action Info Log_OS - Verknüpfung.lnk
[2012.08.21 19:14:41 | 000,006,800 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\120821_V2_FRR-Prozesse_Masterdatei_HP_und_OS - Verknüpfung.lnk
[2012.08.20 10:25:13 | 000,000,064 | ---- | M] () -- C:\ProgramData\SamPCFax000017EC0002
[2012.08.20 10:25:13 | 000,000,004 | ---- | M] () -- C:\ProgramData\SamPCFax00000C6C0003
[2012.08.20 10:25:12 | 000,000,064 | ---- | M] () -- C:\ProgramData\SamPCFax000019B00001
[2012.08.17 10:21:25 | 000,041,984 | ---- | M] () -- C:\Users\Olaf Schaefer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.16 11:37:14 | 000,362,184 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.15 13:04:38 | 000,011,959 | ---- | M] () -- C:\Users\Olaf Schaefer\AppData\Roaming\SmarThruOptions.xml
[2012.08.15 10:46:57 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.15 10:46:57 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.14 10:07:12 | 000,000,119 | ---- | M] () -- C:\Users\Olaf Schaefer\Documents\prodact.dat
[2012.08.13 15:50:28 | 000,008,871 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\NLP - Verknüpfung.lnk
[2012.08.13 14:07:03 | 000,006,292 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\Pocketbooks - Verknüpfung.lnk
[2012.08.12 21:48:15 | 000,014,438 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\Salesplanung 2012 - 2017 - V3 - Verknüpfung.lnk
[2012.08.10 01:24:34 | 000,010,065 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\Bildverkleinerer - Verknüpfung.lnk
[2012.08.08 19:09:05 | 000,000,146 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\Synaptics ClickPad V8.1 - Verknüpfung.lnk
[2012.08.07 09:30:07 | 000,038,463 | ---- | M] () -- C:\Users\Olaf Schaefer\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2012.08.06 20:34:16 | 000,000,028 | ---- | M] () -- C:\Windows\ODBC.INI
[2012.08.06 20:34:12 | 000,038,527 | ---- | M] () -- C:\Users\Olaf Schaefer\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2012.08.06 19:11:15 | 000,015,354 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\20120716 - Köln Messe 2012_Restaurants und Gästeliste - Ergänzungen HP & OS - Verknüpfung.lnk
[2012.08.06 15:38:15 | 000,010,495 | ---- | M] () -- C:\Users\Olaf Schaefer\Konto_1_elster_2048.pfx
[2012.08.05 17:55:50 | 000,004,751 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\4 - Privat - Verknüpfung.lnk
[2012.08.05 17:55:40 | 000,005,006 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\3 - HR Resources & Research - Verknüpfung.lnk
[2012.08.05 17:54:52 | 000,008,197 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\Umsatzsteuer 2012.lnk
[2012.08.05 17:54:33 | 000,008,364 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\Lieferantenrechnungen 2012.lnk
[2012.08.05 17:54:04 | 000,011,992 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\Finanzplan - V1 - Verknüpfung.lnk
[2012.08.05 17:50:50 | 000,005,950 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\1 - Process - Verknüpfung.lnk
[2012.08.05 17:50:44 | 000,005,947 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\0 - Intern - Verknüpfung.lnk
[2012.08.05 17:50:34 | 000,004,871 | ---- | M] () -- C:\Users\Olaf Schaefer\Desktop\1 - FR Recruitment - Verknüpfung.lnk
[2012.08.01 14:53:42 | 000,000,136 | ---- | M] () -- C:\Windows\Readiris.ini
[2012.08.01 14:51:40 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\SmarThru 4.lnk
[2012.08.01 12:45:53 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.08.01 12:45:53 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
========== Files Created - No Company Name ==========
[2012.08.30 23:19:49 | 000,001,850 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\McAfee Internet Security Suite.lnk
[2012.08.29 17:05:12 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.21 19:15:19 | 000,012,951 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\120821_V1_FRR Action Info Log_OS - Verknüpfung.lnk
[2012.08.21 19:14:41 | 000,006,800 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\120821_V2_FRR-Prozesse_Masterdatei_HP_und_OS - Verknüpfung.lnk
[2012.08.20 10:25:13 | 000,000,064 | ---- | C] () -- C:\ProgramData\SamPCFax000017EC0002
[2012.08.20 10:25:13 | 000,000,004 | ---- | C] () -- C:\ProgramData\SamPCFax00000C6C0003
[2012.08.20 10:25:12 | 000,000,064 | ---- | C] () -- C:\ProgramData\SamPCFax000019B00001
[2012.08.13 15:50:28 | 000,008,871 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\NLP - Verknüpfung.lnk
[2012.08.13 14:07:03 | 000,006,292 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\Pocketbooks - Verknüpfung.lnk
[2012.08.12 21:48:15 | 000,014,438 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\Salesplanung 2012 - 2017 - V3 - Verknüpfung.lnk
[2012.08.10 01:24:34 | 000,010,065 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\Bildverkleinerer - Verknüpfung.lnk
[2012.08.08 19:09:05 | 000,000,146 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\Synaptics ClickPad V8.1 - Verknüpfung.lnk
[2012.08.06 20:34:12 | 000,038,527 | ---- | C] () -- C:\Users\Olaf Schaefer\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2012.08.06 20:34:08 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.08.06 19:11:15 | 000,015,354 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\20120716 - Köln Messe 2012_Restaurants und Gästeliste - Ergänzungen HP & OS - Verknüpfung.lnk
[2012.08.06 15:38:05 | 000,010,495 | ---- | C] () -- C:\Users\Olaf Schaefer\Konto_1_elster_2048.pfx
[2012.08.05 17:55:50 | 000,004,751 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\4 - Privat - Verknüpfung.lnk
[2012.08.05 17:55:40 | 000,005,006 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\3 - HR Resources & Research - Verknüpfung.lnk
[2012.08.05 17:54:33 | 000,008,364 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\Lieferantenrechnungen 2012.lnk
[2012.08.05 17:54:33 | 000,008,197 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\Umsatzsteuer 2012.lnk
[2012.08.05 17:54:04 | 000,011,992 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\Finanzplan - V1 - Verknüpfung.lnk
[2012.08.05 17:50:50 | 000,005,950 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\1 - Process - Verknüpfung.lnk
[2012.08.05 17:50:44 | 000,005,947 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\0 - Intern - Verknüpfung.lnk
[2012.08.05 17:50:34 | 000,004,871 | ---- | C] () -- C:\Users\Olaf Schaefer\Desktop\1 - FR Recruitment - Verknüpfung.lnk
[2012.08.01 14:54:09 | 000,011,959 | ---- | C] () -- C:\Users\Olaf Schaefer\AppData\Roaming\SmarThruOptions.xml
[2012.08.01 14:53:42 | 000,000,136 | ---- | C] () -- C:\Windows\Readiris.ini
[2012.08.01 14:53:36 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\irisco32.dll
[2012.08.01 14:51:40 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\SmarThru 4.lnk
[2012.08.01 14:47:43 | 000,116,016 | ---- | C] () -- C:\Windows\Wiainst.exe
[2012.08.01 14:47:20 | 000,027,648 | ---- | C] () -- C:\Windows\SysNative\sst2cl6.dll
[2012.08.01 14:43:34 | 001,909,016 | ---- | C] () -- C:\Windows\sst2cLTR.prn
[2012.08.01 14:43:33 | 001,909,016 | ---- | C] () -- C:\Windows\sst2cA4.prn
[2012.08.01 14:18:48 | 000,007,297 | ---- | C] () -- C:\Windows\SysWow64\SSPORT.CAT
[2012.08.01 14:18:48 | 000,007,036 | ---- | C] () -- C:\Windows\SysWow64\DgivEcp.cat
[2012.08.01 14:18:47 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\SvcMan.exe
[2012.08.01 14:18:42 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\SecSNMP.dll
[2012.08.01 14:18:38 | 000,000,422 | ---- | C] () -- C:\Windows\SysWow64\ltocx13.lic
[2012.08.01 13:33:00 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2012.08.01 13:32:20 | 000,027,648 | ---- | C] () -- C:\Windows\SysNative\spd__l6.dll
[2012.08.01 13:32:20 | 000,000,357 | ---- | C] () -- C:\Windows\SysNative\spd__l6.smt
[2012.08.01 13:32:19 | 000,441,344 | ---- | C] () -- C:\Windows\SysNative\DscPnt1.dll
[2012.08.01 13:32:19 | 000,290,816 | ---- | C] () -- C:\Windows\SysNative\DscPnt0.dll
[2012.08.01 13:32:19 | 000,290,816 | ---- | C] () -- C:\Windows\SysNative\DscPnt.dll
[2012.07.31 22:59:31 | 000,041,984 | ---- | C] () -- C:\Users\Olaf Schaefer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.28 16:40:52 | 000,000,330 | ---- | C] () -- C:\Windows\wininit.ini
[2012.07.27 16:49:08 | 000,038,463 | ---- | C] () -- C:\Users\Olaf Schaefer\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2012.07.02 20:28:06 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.06.12 05:54:21 | 000,000,267 | ---- | C] () -- C:\Windows\LaunApp.ini
[2012.06.12 05:45:21 | 000,755,188 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.06.12 05:45:21 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.06.12 05:45:20 | 013,024,768 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012.06.12 05:45:20 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.06.12 05:43:13 | 000,001,333 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2012.06.09 19:21:56 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.05.30 11:52:20 | 004,305,920 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2012.05.21 18:28:58 | 000,155,648 | ---- | C] () -- C:\Windows\SysWow64\mlc.dll
[2012.03.28 20:13:21 | 000,000,445 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2012.03.28 20:13:21 | 000,000,395 | ---- | C] () -- C:\Windows\WisPriority.ini
[2012.03.28 20:13:21 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.12.07 23:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011.02.11 23:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
========== LOP Check ==========
[2012.07.28 16:41:10 | 000,000,000 | ---D | M] -- C:\Users\Olaf Schaefer\AppData\Roaming\FoozKids
[2012.08.30 00:44:20 | 000,000,000 | ---D | M] -- C:\Users\Olaf Schaefer\AppData\Roaming\ICAClient
[2012.07.28 13:30:47 | 000,000,000 | ---D | M] -- C:\Users\Olaf Schaefer\AppData\Roaming\Leadertech
[2012.08.30 00:44:21 | 000,000,000 | ---D | M] -- C:\Users\Olaf Schaefer\AppData\Roaming\PhraseExpress
[2012.07.26 15:32:39 | 000,000,000 | ---D | M] -- C:\Users\Olaf Schaefer\AppData\Roaming\Screensaver
[2012.07.26 15:32:37 | 000,000,000 | ---D | M] -- C:\Users\Olaf Schaefer\AppData\Roaming\Synaptics
[2012.07.30 09:08:33 | 000,000,000 | ---D | M] -- C:\Users\Olaf Schaefer\AppData\Roaming\TeamViewer
[2012.07.28 13:08:40 | 000,000,000 | ---D | M] -- C:\Users\Olaf Schaefer\AppData\Roaming\WildTangent
[2012.07.29 23:07:19 | 000,000,000 | ---D | M] -- C:\Users\Olaf Schaefer\AppData\Roaming\Win7codecs
[2012.07.26 16:06:36 | 000,000,000 | ---D | M] -- C:\Users\Olaf Schaefer\AppData\Roaming\Windows Live Writer
[2012.08.31 00:00:18 | 000,000,402 | ---- | M] () -- C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
[2012.08.30 22:45:47 | 000,000,828 | ---- | M] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012.08.22 12:22:00 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2009.07.14 07:08:49 | 000,020,852 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2012.07.27 08:21:51 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.06.11 20:50:18 | 000,000,000 | -H-D | M] -- C:\BOOK
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.07.26 15:29:39 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.06.11 20:27:27 | 000,000,000 | ---D | M] -- C:\Dolby PCEE4
[2012.07.26 15:32:57 | 000,000,000 | -H-D | M] -- C:\Elements
[2012.06.11 20:17:50 | 000,000,000 | -H-D | M] -- C:\Intel
[2012.08.30 00:43:33 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012.07.26 15:29:49 | 000,000,000 | -HSD | M] -- C:\OEM
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.08.30 00:43:36 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.08.30 23:37:14 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.08.29 17:05:11 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.07.26 15:29:39 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.07.26 15:29:39 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.08.29 23:16:00 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.08.01 14:14:42 | 000,000,000 | ---D | M] -- C:\Temp
[2012.07.26 15:29:47 | 000,000,000 | R--D | M] -- C:\Users
[2012.08.30 22:45:32 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: IASTOR.SYS >
[2011.11.30 04:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Windows\SysNative\drivers\iaStor.sys
[2011.11.30 04:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_9c981fcb416c038e\iaStor.sys
< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %USERPROFILE%\*.* >
[2012.07.26 15:31:37 | 000,000,000 | ---- | M] () -- C:\Users\Olaf Schaefer\agent.log
[2012.08.06 15:38:15 | 000,010,495 | ---- | M] () -- C:\Users\Olaf Schaefer\Konto_1_elster_2048.pfx
[2012.08.31 00:38:47 | 004,980,736 | -HS- | M] () -- C:\Users\Olaf Schaefer\ntuser.dat
[2012.08.31 00:38:47 | 000,262,144 | -HS- | M] () -- C:\Users\Olaf Schaefer\ntuser.dat.LOG1
[2012.07.26 15:29:52 | 000,000,000 | -HS- | M] () -- C:\Users\Olaf Schaefer\ntuser.dat.LOG2
[2012.07.26 19:34:02 | 000,065,536 | -HS- | M] () -- C:\Users\Olaf Schaefer\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012.07.26 19:34:02 | 000,524,288 | -HS- | M] () -- C:\Users\Olaf Schaefer\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012.07.26 19:34:02 | 000,524,288 | -HS- | M] () -- C:\Users\Olaf Schaefer\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.08.29 16:30:26 | 000,065,536 | -HS- | M] () -- C:\Users\Olaf Schaefer\ntuser.dat{8981add8-f1d9-11e1-a4bf-ffd5511bd8a8}.TM.blf
[2012.08.29 16:30:26 | 000,524,288 | -HS- | M] () -- C:\Users\Olaf Schaefer\ntuser.dat{8981add8-f1d9-11e1-a4bf-ffd5511bd8a8}.TMContainer00000000000000000001.regtrans-ms
[2012.08.29 16:30:26 | 000,524,288 | -HS- | M] () -- C:\Users\Olaf Schaefer\ntuser.dat{8981add8-f1d9-11e1-a4bf-ffd5511bd8a8}.TMContainer00000000000000000002.regtrans-ms
[2012.07.26 15:29:53 | 000,000,020 | -HS- | M] () -- C:\Users\Olaf Schaefer\ntuser.ini
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< End of report >
--- --- --- |
OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.