KaleuVIIc | 20.02.2012 22:19 | hallo, hab´s heute hinbekommen. abgesichert mit eingabeaufforderung, dann hatte ich zumindest zugriff auf das laufwerk und konnte den otl-scan laufen lassen. ablage auf den desktop haut nämlich nicht hin. der ist nach wie vor nicht verfügbar. im anhang nun die otl-txt. ich hoffe, du kannst damit was anfangen.OTL Logfile: Code:
OTL logfile created on: 20.02.2012 20:21:53 - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = G:\Programs\OTLPE
64bit-Windows 7 Home Premium (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,00 Gb Total Space | 11,93 Gb Free Space | 11,93% Space Free | Partition Type: NTFS
Drive D: | 161,45 Gb Total Space | 140,87 Gb Free Space | 87,26% Space Free | Partition Type: NTFS
Drive E: | 161,45 Gb Total Space | 87,69 Gb Free Space | 54,32% Space Free | Partition Type: NTFS
Drive F: | 161,45 Gb Total Space | 26,45 Gb Free Space | 16,38% Space Free | Partition Type: NTFS
Drive G: | 436,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: TIM-PC | User Name: TIM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012.01.06 16:32:34 | 000,827,520 | ---- | M] (Check Point Software Technologies) [Auto] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV:64bit: - [2009.11.02 11:48:18 | 000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009.09.30 13:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2012.02.15 15:58:30 | 000,481,064 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.02.07 13:18:30 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto] -- E:\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.12.18 21:08:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) [Auto] -- C:\Program Files (x86)\CheckPoint\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2011.01.22 15:58:30 | 000,055,688 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto] -- C:\Programme\Todo Backup 2.0\bin\Agent.exe -- (EASEUS Agent)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.10.01 05:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.10.01 05:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.09.25 00:42:28 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.09.11 06:42:46 | 000,305,448 | ---- | M] () [On_Demand] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.07.10 01:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.01.06 16:32:12 | 000,033,672 | ---- | M] (Check Point Software Technologies) [Kernel | Auto] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
IE - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\Software\Microsoft\Internet Explorer\Main,Start Page = freenet.de - E-Mail, Singles, Nachrichten & Services
IE - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\..\URLSearchHook: {f361b100-73c5-4793-8bcc-6e5c41510210} - C:\Program Files (x86)\ZoneAlarm_Deutsch\prxtbZone.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: C:\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2012.02.19 22:13:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2012.02.19 21:58:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files (x86)\PriceGong\2.5.1\FF [2012.02.19 12:50:44 | 000,000,000 | ---D | M]
[2012.02.19 21:57:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TIM\AppData\Roaming\mozilla\Firefox\extensions
[2012.02.19 21:57:59 | 000,000,000 | ---D | M] (ZoneAlarm Deutsch Community Toolbar) -- C:\Users\TIM\AppData\Roaming\mozilla\Firefox\extensions\{f361b100-73c5-4793-8bcc-6e5c41510210}
[2012.02.05 14:33:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.1\PriceGongIE.dll (PriceGong)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O2 - BHO: (no name) - {8984B388-A5BB-4DF7-B274-77B879E179DB} - No CLSID value found.
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (ZoneAlarm Deutsch Toolbar) - {f361b100-73c5-4793-8bcc-6e5c41510210} - C:\Program Files (x86)\ZoneAlarm_Deutsch\prxtbZone.dll (Conduit Ltd.)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{09900DE8-1DCA-443F-9243-26FF581438AF} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{ff88a983-649d-4207-9336-9b999280b436} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{09900DE8-1DCA-443F-9243-26FF581438AF} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{ff88a983-649d-4207-9336-9b999280b436} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm Deutsch Toolbar) - {f361b100-73c5-4793-8bcc-6e5c41510210} - C:\Program Files (x86)\ZoneAlarm_Deutsch\prxtbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\..\Toolbar\WebBrowser: (no name) - {00725D68-069B-4095-9FF1-E7469C0E95DF} - No CLSID value found.
O3 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\..\Toolbar\WebBrowser: (no name) - {09900DE8-1DCA-443F-9243-26FF581438AF} - No CLSID value found.
O3 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\..\Toolbar\WebBrowser: (no name) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No CLSID value found.
O3 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)
O3:64bit: - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\..\Toolbar\WebBrowser: (ZoneAlarm Deutsch Toolbar) - {F361B100-73C5-4793-8BCC-6E5C41510210} - C:\Program Files (x86)\ZoneAlarm_Deutsch\prxtbZone.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] File not found
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [BrStsWnd] C:\Program Files (x86)\Brownie\BrstsW64.exe (brother)
O4 - HKLM..\Run: [EaseUs Watch] C:\Programme\Todo Backup 2.0\bin\EuWatch.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] E:\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000..\Run: [AVMUSBFernanschluss] C:\Users\TIM\AppData\Local\Apps\2.0\AY82PH96.WAG\GV3C5JR4.1Y3\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe (AVM Berlin)
O4 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000..\Run: [msnmsgr] File not found
O4 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000..\Run: [Steam] E:\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UltimateZip Quick Start.lnk = C:\Program Files (x86)\UltimateZip\uzqkst.exe (SWE von Schleusen)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\TIM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Web-Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\TIM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Web-Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\System32\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-2962486779-4126303749-2838823280-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.03.24 12:06:41 | 000,000,053 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{226ab52e-4687-11df-ac28-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{226ab52e-4687-11df-ac28-806e6f6e6963}\Shell\AutoRun\command - "" = G:\reatogoMenu.exe -- [2005.07.16 22:36:50 | 000,240,128 | R--- | M] ()
O33 - MountPoints2\{4920723c-83b1-11e0-a28d-00262d83e392}\Shell - "" = AutoRun
O33 - MountPoints2\{4920723c-83b1-11e0-a28d-00262d83e392}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{99f2f62a-b3a4-11e0-8195-00262d83e392}\Shell - "" = AutoRun
O33 - MountPoints2\{99f2f62a-b3a4-11e0-8195-00262d83e392}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{e792844a-5aba-11df-a11b-00262d83e392}\Shell - "" = AutoRun
O33 - MountPoints2\{e792844a-5aba-11df-a11b-00262d83e392}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found 64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found 64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.02.19 21:57:59 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Roaming\Mozilla
[2012.02.19 21:57:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012.02.19 21:57:57 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Conduit
[2012.02.19 21:57:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZoneAlarm_Deutsch
[2012.02.19 21:57:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2012.02.19 15:39:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.02.19 15:37:39 | 000,000,000 | -HSD | C] -- C:\BOOT
[2012.02.19 15:36:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Todo Backup Home 2.0
[2012.02.19 15:36:44 | 000,000,000 | ---D | C] -- C:\Program Files\Todo Backup 2.0
[2012.02.19 15:18:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.02.19 15:14:33 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012.02.19 15:14:33 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.02.19 15:14:33 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.02.19 15:14:33 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.19 15:14:33 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.02.19 15:14:33 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.19 15:14:33 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.02.19 15:14:33 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.19 15:14:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.02.19 14:52:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint
[2012.02.19 14:33:29 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.02.19 13:20:37 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2012.02.19 12:29:51 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.02.19 12:04:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012.02.16 15:07:07 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll
[2012.02.16 15:07:03 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012.02.16 15:07:03 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012.02.16 15:06:42 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
[2012.02.16 15:06:02 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2012.02.16 15:06:02 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.16 15:06:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.02.16 15:06:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.16 15:05:59 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.02.16 15:05:59 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2012.02.16 15:05:57 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.02.16 15:05:57 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.13 18:22:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mail.Ru
[2012.02.12 17:05:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.02.11 14:14:38 | 000,000,000 | R--D | C] -- C:\Users\TIM\AppData\Roaming\Brother
[2012.02.05 23:13:50 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Mozilla
[2012.02.05 15:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtMoney SE
[2012.02.05 14:32:54 | 000,000,000 | ---D | C] -- C:\Users\TIM\Documents\My Cheat Tables
[2012.02.05 14:32:49 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\TempDIR
[2012.02.05 14:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.1
[2012.02.04 22:45:22 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2012.02.04 22:45:22 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll
[2012.02.04 22:45:21 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSVCP71.dll
[2012.02.04 22:45:21 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSVCP71.dll
[2012.02.01 17:29:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft PC Gamer Demo
[2009.11.05 04:33:04 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
========== Files - Modified Within 30 Days ==========
[2012.02.20 20:06:32 | 000,000,346 | ---- | M] () -- C:\Windows\Brownie.ini
[2012.02.20 20:05:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.20 20:05:29 | 3111,518,208 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.19 21:57:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2012.02.19 15:39:15 | 000,000,792 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.19 15:36:58 | 000,001,765 | ---- | M] () -- C:\Users\Public\Desktop\EASEUS Todo Backup Home 2.0.lnk
[2012.02.19 15:36:58 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Todo Backup Home 2.0
[2012.02.19 15:14:09 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.02.19 15:14:09 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.19 15:14:09 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.02.19 15:14:09 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.19 15:14:09 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.02.19 15:14:09 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.19 15:14:08 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012.02.19 15:14:08 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012.02.19 14:10:08 | 000,001,324 | ---- | M] () -- C:\Users\TIM\Documents\cc_20120219_140959.reg
[2012.02.19 13:58:21 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
[2012.02.19 13:58:20 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2012.02.19 13:08:37 | 000,001,118 | ---- | M] () -- C:\prefs.js
[2012.02.19 12:50:35 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechForce
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft PC Gamer Demo
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Einstellungstest-Trainer 6.0
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney Interactive Studios
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.1
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle of Endor v2.1
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArtMoney SE
[2012.02.19 12:50:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2012.02.19 12:26:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DX-Ball Game
[2012.02.15 17:43:28 | 000,002,281 | ---- | M] () -- C:\Users\TIM\Documents\mcedit.ini
[2012.02.13 18:29:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
[2012.02.12 17:05:18 | 000,000,563 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012.02.11 14:17:02 | 000,027,042 | ---- | M] () -- C:\Users\TIM\Documents\gescichte vortrag.odt
[2012.02.11 14:14:38 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2012.02.10 14:22:32 | 000,004,548 | ---- | M] () -- C:\Windows\ULEAD32.INI
[2012.02.08 14:18:56 | 000,340,625 | ---- | M] () -- C:\Users\TIM\Documents\sozi vortrag.odt
[2012.02.05 15:05:08 | 000,000,635 | ---- | M] () -- C:\Users\Public\Desktop\ArtMoney SE v7.38.lnk
[2012.02.05 14:33:06 | 000,000,447 | ---- | M] () -- C:\user.js
========== Files Created - No Company Name ==========
[2012.02.19 15:39:15 | 000,000,792 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.19 15:36:58 | 000,001,765 | ---- | C] () -- C:\Users\Public\Desktop\EASEUS Todo Backup Home 2.0.lnk
[2012.02.19 14:10:06 | 000,001,324 | ---- | C] () -- C:\Users\TIM\Documents\cc_20120219_140959.reg
[2012.02.12 19:47:53 | 006,074,778 | ---- | C] () -- C:\Users\TIM\Desktop\Mondotek - Alive - .mp3
[2012.02.08 18:14:51 | 000,027,042 | ---- | C] () -- C:\Users\TIM\Documents\gescichte vortrag.odt
[2012.02.08 14:20:01 | 000,340,625 | ---- | C] () -- C:\Users\TIM\Documents\sozi vortrag.odt
[2012.02.05 15:05:08 | 000,000,635 | ---- | C] () -- C:\Users\Public\Desktop\ArtMoney SE v7.38.lnk
[2012.02.05 14:33:06 | 000,000,447 | ---- | C] () -- C:\user.js
[2012.02.05 00:02:38 | 004,726,964 | ---- | C] () -- C:\Users\TIM\Desktop\Bangbros - Happy Hour.mp3
[2011.11.23 20:30:19 | 000,000,000 | ---- | C] () -- C:\Users\TIM\AppData\Local\{1A4FCFC8-5813-48F0-81B1-C3E63AE043C0}
[2011.11.19 20:20:40 | 000,000,153 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2011.11.19 20:20:40 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2011.11.19 20:19:41 | 000,022,898 | ---- | C] () -- C:\Windows\HL-3040CN.INI
[2011.11.19 20:19:07 | 000,000,346 | ---- | C] () -- C:\Windows\Brownie.ini
[2011.11.18 20:37:49 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.10.26 14:13:33 | 000,000,000 | ---- | C] () -- C:\Users\TIM\AppData\Local\{65CFDF9B-7F59-4718-BBAB-2D1726358D4E}
[2011.10.22 15:23:29 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011.10.13 14:57:39 | 000,000,260 | ---- | C] () -- C:\Windows\cod2demo.ini
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.10.03 10:21:55 | 000,007,168 | ---- | C] () -- C:\Users\TIM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.31 11:32:03 | 000,000,091 | ---- | C] () -- C:\Users\TIM\AppData\Local\fusioncache.dat
[2010.07.30 17:55:00 | 001,541,294 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.07.06 21:46:57 | 000,004,548 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2010.07.06 21:46:56 | 000,034,816 | ---- | C] () -- C:\Windows\UPI41023.DLL
[2010.07.06 21:46:56 | 000,017,408 | ---- | C] () -- C:\Windows\PI4UN.dll
[2010.07.06 21:46:56 | 000,016,896 | ---- | C] () -- C:\Windows\UPI41024.DLL
[2010.06.13 09:40:23 | 000,000,000 | ---- | C] () -- C:\Users\TIM\AppData\Roaming\wklnhst.dat
[2010.05.15 10:47:27 | 000,000,119 | ---- | C] () -- C:\Windows\Podcasts.INI
[2010.05.09 02:28:21 | 000,040,960 | R--- | C] () -- C:\Windows\SysWow64\psfind.dll
[2010.04.13 09:21:55 | 000,001,744 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2010.04.13 00:12:35 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2010.04.13 00:12:35 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010.04.13 00:12:35 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2010.04.13 00:12:35 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2010.04.13 00:05:11 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.11.25 12:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.11.05 01:21:23 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2009.11.05 01:21:23 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2009.11.05 01:21:23 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009.07.13 22:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.07.13 22:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009.07.13 22:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.04.22 16:03:16 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.04.22 16:03:16 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.04.22 16:03:16 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.04.22 16:03:16 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.04.22 16:03:16 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.04.22 16:03:16 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008.04.22 16:03:14 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.04.22 16:03:14 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.04.22 16:03:14 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2005.01.17 07:10:16 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2004.08.09 07:00:42 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
========== LOP Check ==========
[2011.10.08 14:14:50 | 000,000,000 | -HSD | M] -- C:\Users\TIM\AppData\Roaming\.#
[2012.02.20 19:06:17 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\.minecraft
[2012.02.19 12:50:19 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\Audacity
[2011.09.27 19:50:05 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\Babylon
[2011.10.18 20:40:57 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\CheckPoint
[2011.12.22 13:22:30 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\DVDVideoSoft
[2011.12.22 13:21:31 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.04.17 18:50:23 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\GameConsole
[2010.04.15 22:30:24 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\ImgBurn
[2010.06.12 14:01:25 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\LG Electronics
[2012.02.19 12:50:19 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\minecraft
[2010.09.04 15:53:58 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\NCH Swift Sound
[2011.09.17 18:13:09 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\Notepad++
[2012.01.21 19:01:58 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\OpenOffice.org
[2012.02.19 12:50:18 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\PhotoFiltre Studio X
[2010.07.04 10:14:07 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\PowerCinema
[2011.10.02 13:55:34 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\pymclevel
[2011.12.29 17:26:37 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\Sierra
[2010.07.05 08:55:15 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\SoftDMA
[2011.09.26 17:43:08 | 000,000,000 | ---D | M] -- C:\Users\TIM\AppData\Roaming\uTorrent
[2009.11.05 01:49:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Acer
[2009.11.05 05:16:17 | 000,000,000 | ---D | M] -- C:\ProgramData\AmUStor
[2010.04.13 00:07:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011.09.27 19:50:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2009.11.05 04:32:27 | 000,000,000 | ---D | M] -- C:\ProgramData\BackupManager
[2010.07.31 11:19:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Broderbund Software
[2012.02.19 21:57:43 | 000,000,000 | ---D | M] -- C:\ProgramData\CheckPoint
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2010.04.13 00:07:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2010.04.13 00:09:19 | 000,000,000 | ---D | M] -- C:\ProgramData\EgisTec
[2009.11.05 05:16:17 | 000,000,000 | ---D | M] -- C:\ProgramData\eSobi
[2010.04.13 00:07:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011.10.17 13:41:43 | 000,000,000 | ---D | M] -- C:\ProgramData\InstallMate
[2010.04.13 00:10:10 | 000,000,000 | ---D | M] -- C:\ProgramData\McQcModifier-5c47-a7b0
[2011.10.30 10:30:49 | 000,000,000 | ---D | M] -- C:\ProgramData\metier2000Apps
[2010.09.04 15:53:58 | 000,000,000 | ---D | M] -- C:\ProgramData\NCH Swift Sound
[2010.04.13 00:17:46 | 000,000,000 | ---D | M] -- C:\ProgramData\OEM
[2010.04.14 20:46:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Partner
[2011.07.21 17:53:09 | 000,000,000 | ---D | M] -- C:\ProgramData\PopCap Games
[2011.10.17 13:36:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Premium
[2010.05.15 10:16:12 | 000,000,000 | ---D | M] -- C:\ProgramData\RapidSolution
[2011.10.17 11:59:39 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1986-12.com.adobe
[2010.07.31 11:32:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Riverdeep Interactive Learning Limited
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2010.04.13 00:07:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2011.10.17 13:37:04 | 000,000,000 | ---D | M] -- C:\ProgramData\SweetIM
[2011.01.20 18:33:21 | 000,000,000 | ---D | M] -- C:\ProgramData\SWTCWRH
[2011.12.22 18:32:55 | 000,000,000 | ---D | M] -- C:\ProgramData\TechSmith
[2010.07.04 10:19:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2010.04.13 00:07:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2012.02.19 12:50:35 | 000,000,000 | -H-D | M] -- C:\ProgramData\{1B0B54CA-AA7D-41D3-A84A-29E7C9CB13A2}
[2012.02.19 12:50:34 | 000,000,000 | -H-D | M] -- C:\ProgramData\{2E51849B-6C53-4B47-9E70-462912833018}
[2012.01.21 18:16:21 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report > --- --- --- |