Guten Morgen Markus,
erstmal vielen herzlichen Dank fuer deine schnelle Antwort.
Jetzt hat es funktioniert.
Hier erstmal die Antwort vom Scan ohne das ich etwas in die CODE box eingefuegt habe. Code:
OTL logfile created on: 9/18/2012 2:47:29 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86)
Drive C: | 14.65 Gb Total Space | 7.91 Gb Free Space | 54.02% Space Free | Partition Type: NTFS
Drive E: | 218.20 Gb Total Space | 64.75 Gb Free Space | 29.68% Space Free | Partition Type: NTFS
Drive G: | 7.46 Gb Total Space | 6.56 Gb Free Space | 87.96% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012/08/24 17:46:28 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand] -- E:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012/06/22 01:38:04 | 000,177,144 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/06/22 01:34:52 | 000,218,320 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/06/22 01:33:12 | 000,237,920 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe -- (McShield)
SRV:64bit: - [2012/05/11 00:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012/05/11 00:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/05/11 00:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012/05/11 00:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/05/11 00:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012/05/11 00:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/05/11 00:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2010/02/25 14:03:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto] -- E:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/07/16 21:06:22 | 000,033,280 | ---- | M] () [Auto] -- E:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto] -- E:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/03/02 14:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto] -- E:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe -- (AESTFilters)
SRV - [2012/09/13 13:25:48 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- E:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- E:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/26 13:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) [Auto] -- E:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012/07/03 15:08:39 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand] -- E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/07 13:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- E:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/13 15:33:27 | 000,075,136 | ---- | M] () [Auto] -- E:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/02/10 05:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand] -- E:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 05:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto] -- E:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/08/18 11:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto] -- E:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010/07/17 00:51:31 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand] -- E:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/04/13 14:11:18 | 000,231,224 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/26 12:19:12 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand] -- E:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- E:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/06/22 01:40:58 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/06/22 01:38:16 | 000,335,784 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- E:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/06/22 01:36:54 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/06/22 01:36:12 | 000,752,672 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- E:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/06/22 01:35:02 | 000,513,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/06/22 01:34:22 | 000,300,392 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/06/22 01:34:00 | 000,169,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/06/15 06:04:12 | 000,073,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- E:\Windows\System32\drivers\McPvDrv.sys -- (McPvDrv)
DRV:64bit: - [2012/04/25 06:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/04/20 10:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/01/18 02:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/10/22 04:25:15 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- E:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/07/12 14:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- E:\Windows\System32\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/04/15 17:40:10 | 000,301,688 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010/04/13 14:10:24 | 000,066,040 | ---- | M] (Mozy, Inc.) [File_System | System] -- E:\Windows\System32\drivers\MOBK.sys -- (MOBKFilter)
DRV:64bit: - [2010/02/25 14:03:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/11/06 11:05:32 | 007,370,304 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/16 21:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 21:06:16 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- E:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/05/19 23:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand] -- E:\Windows\System32\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/05/08 04:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- E:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/06/26 11:27:28 | 000,065,520 | ---- | M] (Sonic Solutions) [File_System | System] -- E:\Windows\SysWOW64\drivers\RxFilter.sys -- (RxFilter)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Manuel_ON_E\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=ie&l=en&s=gen
IE - HKU\Manuel_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\Manuel_ON_E\..\URLSearchHook: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - Reg Error: Key error. File not found
IE - HKU\Manuel_ON_E\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - E:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
IE - HKU\Manuel_ON_E\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - Reg Error: Key error. File not found
IE - HKU\Manuel_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Manuel_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\System32\Macromed\Flash\NPSWF64_11_4_402_265.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: E:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: E:\Program Files\McAfee\MSC\npMcSnFFPl64.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: E:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: E:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10: E:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/SAFFPlugin: E:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll (McAfee, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: E:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com: C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions [2010/12/21 15:02:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.630.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/22 11:00:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/09/10 13:37:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/09/07 12:51:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 12:49:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/24 16:29:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/06/21 13:48:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012/09/11 16:33:12 | 000,000,000 | ---D | M]
[2012/04/06 14:56:09 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files (x86)\Mozilla Firefox\extensions
[2012/05/02 15:18:01 | 000,000,000 | ---D | M] (Skype Click to Call) -- E:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/07/03 15:08:41 | 000,085,472 | ---- | M] (Mozilla Foundation) -- E:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/11 06:57:36 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- E:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/25 20:30:28 | 000,001,392 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/06/21 11:08:37 | 000,003,768 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/01/25 20:30:28 | 000,002,252 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/01/25 20:30:28 | 000,001,153 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/04/15 05:29:28 | 000,002,048 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchdrive.xml
[2012/01/25 20:30:28 | 000,006,805 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/07/08 12:31:46 | 000,002,027 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/01/25 20:30:28 | 000,001,178 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/01/25 20:30:28 | 000,001,105 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012/09/11 14:18:14 | 000,000,854 | ---- | M]) - E:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 176.9.96.188 wiki.fosera.com
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - E:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120907184947.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - E:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (SFT_eng7 Toolbar) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - E:\Program Files (x86)\SFT_eng7\prxtbSFT0.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - E:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - E:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - E:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120907184947.dll (McAfee, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - E:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - E:\Program Files (x86)\pdfforge Toolbar\IE\6.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - File not found
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - E:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (SFT_eng7 Toolbar) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - E:\Program Files (x86)\SFT_eng7\prxtbSFT0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - E:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - File not found
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - E:\Program Files (x86)\pdfforge Toolbar\IE\6.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - E:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\Manuel_ON_E\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3:64bit: - HKU\Manuel_ON_E\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O4:64bit: - HKLM..\Run: [Apoint] E:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] E:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] E:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] E:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] E:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Bing Bar] File not found
O4 - HKLM..\Run: [DellSupportCenter] File not found
O4 - HKLM..\Run: [Desktop Disc Tool] E:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [DivXUpdate] E:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [facemoods] E:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [FreePDF Assistant] E:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [LWS] E:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [mcui_exe] E:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SearchSettings] E:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKU\LocalService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\Manuel_ON_E..\Run: [ahffbfpvnjqwcdp] E:\ProgramData\ahffbfpv.exe ()
O4 - HKU\Manuel_ON_E..\Run: [DAEMON Tools Lite] E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\Manuel_ON_E..\Run: [Userinit] E:\Users\Manuel\AppData\Roaming\appconf32.exe ()
O4 - HKU\NetworkService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] E:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKU\LocalService_ON_E..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_E..\RunOnce: [mctadmin] File not found
O4 - HKLM..\RunOnceEx: [ContentMerger] E:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\ContentMerger10.exe (Sonic Solutions)
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - Reg Error: Key error. File not found
O9 - Extra Button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - Reg Error: Key error. File not found
O9 - Extra Button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - E:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - E:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - Manuel_ON_E\..Trusted Domains: internet ([]about in Trusted sites)
O15:64bit: - Manuel_ON_E\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15:64bit: - Manuel_ON_E\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - E:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - E:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - E:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\Manuel_ON_E Winlogon: Shell - (explorer.exe) - E:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Manuel_ON_E Winlogon: Shell - (C:\Users\Manuel\AppData\Roaming\msconfig.dat) - E:\Users\Manuel\AppData\Roaming\msconfig.dat ()
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - File not found - -- [ NTFS ]
O32 - AutoRun File - [2008/05/06 08:26:23 | 000,000,309 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/09/14 13:18:08 | 000,000,000 | ---D | C] -- E:\ProgramData\hsdxpanjnyzxvlu
[2012/09/14 02:58:44 | 000,000,000 | -HSD | C] -- E:\Config.Msi
[2012/09/11 16:23:21 | 000,041,472 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\RNDISMP.sys
[2012/09/11 16:23:17 | 000,574,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d3d10level9.dll
[2012/09/11 16:23:16 | 000,490,496 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3d10level9.dll
[2012/09/11 16:23:11 | 000,376,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\netio.sys
[2012/09/11 16:23:11 | 000,288,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\FWPKCLNT.SYS
[2012/09/08 08:10:21 | 000,696,520 | ---- | C] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerApp.exe
[2012/09/08 08:10:21 | 000,073,416 | ---- | C] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/09/07 13:26:45 | 000,073,096 | ---- | C] (McAfee, Inc.) -- E:\Windows\System32\drivers\McPvDrv.sys
[2012/09/07 13:26:00 | 000,196,440 | ---- | C] (McAfee, Inc.) -- E:\Windows\System32\drivers\HipShieldK.sys
[2012/09/06 11:28:31 | 000,000,000 | ---D | C] -- E:\ProgramData\TEMP
[2012/09/04 07:43:57 | 000,000,000 | ---D | C] -- E:\Users\Manuel\AppData\Local\Cisco
[2012/09/04 07:43:57 | 000,000,000 | ---D | C] -- E:\ProgramData\Cisco
[2012/09/02 15:01:18 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/08/31 14:00:30 | 000,000,000 | ---D | C] -- E:\Users\Manuel\Desktop\Kathrin Sprache
[2012/08/31 13:09:23 | 000,000,000 | ---D | C] -- E:\Users\Manuel\AppData\Roaming\13001.042
[2012/08/29 08:19:53 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/08/29 08:19:45 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- E:\Windows\System32\GEARAspi64.dll
[2012/08/29 08:19:45 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- E:\Windows\SysWow64\GEARAspi.dll
[2012/08/29 08:17:26 | 000,000,000 | ---D | C] -- E:\Program Files\iPod
[2012/08/29 08:17:24 | 000,000,000 | ---D | C] -- E:\Program Files\iTunes
[2012/08/29 08:17:24 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\iTunes
[2012/08/29 08:17:24 | 000,000,000 | ---D | C] -- E:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/08/29 08:15:14 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Apple
[2012/08/29 08:14:29 | 000,000,000 | ---D | C] -- E:\Program Files\Bonjour
[2012/08/29 08:14:29 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Bonjour
[2012/08/27 06:21:58 | 000,000,000 | R--D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/08/27 06:21:56 | 000,000,000 | ---D | C] -- E:\ProgramData\PC-Doctor for Windows
[2 E:\Users\Manuel\AppData\Roaming\*.tmp files -> E:\Users\Manuel\AppData\Roaming\*.tmp -> ]
[1 E:\Windows\SysWow64\*.tmp files -> E:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/09/17 15:04:05 | 1579,438,080 | -HS- | M] () -- E:\hiberfil.sys
[2012/09/17 15:04:05 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
[2012/09/17 14:54:08 | 000,014,240 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/17 14:54:08 | 000,014,240 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/17 14:48:17 | 000,000,045 | ---- | M] () -- E:\Users\Manuel\AppData\Roaming\msconfig.ini
[2012/09/17 05:23:31 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/09/14 13:39:01 | 000,000,884 | ---- | M] () -- E:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/14 13:18:09 | 000,076,348 | ---- | M] () -- E:\ProgramData\ecdamjlmrnawgqm
[2012/09/14 13:15:52 | 000,079,360 | ---- | M] () -- E:\ProgramData\ahffbfpv.exe
[2012/09/14 02:44:01 | 000,000,000 | R--D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/09/14 02:23:35 | 000,659,238 | ---- | M] () -- E:\Windows\System32\perfh007.dat
[2012/09/14 02:23:35 | 000,620,384 | ---- | M] () -- E:\Windows\System32\perfh009.dat
[2012/09/14 02:23:35 | 000,132,776 | ---- | M] () -- E:\Windows\System32\perfc007.dat
[2012/09/14 02:23:35 | 000,108,566 | ---- | M] () -- E:\Windows\System32\perfc009.dat
[2012/09/13 13:25:47 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerApp.exe
[2012/09/13 13:25:47 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/09/11 14:18:14 | 000,000,854 | ---- | M] () -- E:\Windows\System32\drivers\etc\hosts
[2012/09/10 13:37:43 | 000,000,034 | ---- | M] () -- E:\Users\Manuel\AppData\Roaming\blckdom.res
[2012/09/07 04:18:45 | 000,000,000 | R--D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/09/07 04:18:45 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/09/07 04:18:45 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/09/04 05:12:50 | 370,121,771 | ---- | M] () -- E:\Windows\MEMORY.DMP
[2012/08/31 13:09:33 | 000,198,200 | ---- | M] () -- E:\Users\Manuel\AppData\Roaming\AcroIEHelpe205.dll
[2012/08/31 13:09:33 | 000,007,424 | ---- | M] () -- E:\Users\Manuel\AppData\Roaming\BAcroIEHelpe205.dll
[2012/08/29 07:54:30 | 022,765,562 | ---- | M] () -- E:\Users\Manuel\Documents\iPhone_iOS3.1_Benutzerhandbuch.pdf
[2012/08/24 16:29:30 | 000,002,441 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/08/24 08:33:07 | 000,000,000 | R--D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2012/08/22 16:16:02 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
[2012/08/22 16:13:29 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe
[2012/08/22 14:12:40 | 000,376,688 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\drivers\netio.sys
[2012/08/22 14:12:33 | 000,288,624 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\drivers\FWPKCLNT.SYS
[2 E:\Users\Manuel\AppData\Roaming\*.tmp files -> E:\Users\Manuel\AppData\Roaming\*.tmp -> ]
[1 E:\Windows\SysWow64\*.tmp files -> E:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/09/14 13:20:42 | 000,000,045 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\msconfig.ini
[2012/09/14 13:18:09 | 000,079,360 | ---- | C] () -- E:\ProgramData\ahffbfpv.exe
[2012/09/14 13:15:55 | 000,076,348 | ---- | C] () -- E:\ProgramData\ecdamjlmrnawgqm
[2012/09/08 08:10:22 | 000,000,884 | ---- | C] () -- E:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/02 09:48:08 | 370,121,771 | ---- | C] () -- E:\Windows\MEMORY.DMP
[2012/08/31 13:09:33 | 000,198,200 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\AcroIEHelpe205.dll
[2012/08/31 13:09:33 | 000,007,424 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\BAcroIEHelpe205.dll
[2012/08/29 07:54:28 | 022,765,562 | ---- | C] () -- E:\Users\Manuel\Documents\iPhone_iOS3.1_Benutzerhandbuch.pdf
[2012/08/24 16:29:30 | 000,002,441 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/08/24 08:19:24 | 000,000,034 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\blckdom.res
[2012/08/15 06:19:58 | 000,006,400 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\BAcroIEHelpe189.dll
[2012/08/14 12:17:04 | 000,006,400 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\BAcroIEHelpe188.dll
[2012/07/29 07:58:49 | 000,006,400 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\BAcroIEHelpe177.dll
[2012/07/26 12:24:23 | 000,006,400 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\BAcroIEHelpe175.dll
[2012/07/13 09:16:10 | 000,000,024 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\urhtps.dat
[2012/02/13 15:33:33 | 000,234,768 | ---- | C] () -- E:\Windows\SysWow64\PnkBstrB.exe
[2012/02/13 15:33:27 | 000,075,136 | ---- | C] () -- E:\Windows\SysWow64\PnkBstrA.exe
[2012/01/11 12:08:24 | 000,079,360 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\msconfig.dat
[2011/11/27 21:25:51 | 000,007,605 | ---- | C] () -- E:\Users\Manuel\AppData\Local\Resmon.ResmonCfg
[2011/08/01 01:17:32 | 000,081,920 | ---- | C] () -- E:\Windows\SysWow64\MPMapTrace.dll
[2011/08/01 00:37:24 | 000,364,544 | ---- | C] () -- E:\Windows\SysWow64\mpPathan.dll
[2011/07/16 06:35:02 | 000,000,000 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\bibstats
[2011/06/14 04:55:11 | 000,000,056 | -H-- | C] () -- E:\ProgramData\ezsidmv.dat
[2011/04/26 10:42:24 | 000,252,928 | ---- | C] () -- E:\Windows\SysWow64\DShowRdpFilter.dll
[2011/03/13 12:05:21 | 000,111,932 | ---- | C] () -- E:\Windows\SysWow64\EPPICPrinterDB.dat
[2011/03/13 12:05:21 | 000,024,903 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern3.dat
[2011/03/13 12:05:21 | 000,021,390 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern5.dat
[2011/03/13 12:05:21 | 000,020,148 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern2.dat
[2011/03/13 12:05:21 | 000,011,811 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern4.dat
[2011/03/13 12:05:21 | 000,004,943 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern6.dat
[2011/03/13 12:05:21 | 000,001,146 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_DU.dat
[2011/03/13 12:05:21 | 000,001,139 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011/03/13 12:05:21 | 000,001,139 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011/03/13 12:05:21 | 000,001,136 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011/03/13 12:05:21 | 000,001,129 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011/03/13 12:05:21 | 000,001,129 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011/03/13 12:05:21 | 000,001,120 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_IT.dat
[2011/03/13 12:05:21 | 000,001,107 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_GE.dat
[2011/03/13 12:05:21 | 000,001,104 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011/03/13 12:05:21 | 000,000,097 | ---- | C] () -- E:\Windows\SysWow64\PICSDK.ini
[2011/03/13 12:05:20 | 000,031,053 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern131.dat
[2011/03/13 12:05:20 | 000,027,417 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern121.dat
[2011/03/13 12:05:20 | 000,026,154 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern1.dat
[2010/05/29 10:22:25 | 000,982,220 | ---- | C] () -- E:\Windows\SysWow64\igkrng500.bin
[2010/05/29 10:22:23 | 000,134,592 | ---- | C] () -- E:\Windows\SysWow64\igfcg500.bin
[2010/05/29 10:22:23 | 000,092,216 | ---- | C] () -- E:\Windows\SysWow64\igfcg500m.bin
[2010/05/29 10:22:22 | 000,439,300 | ---- | C] () -- E:\Windows\SysWow64\igcompkrng500.bin
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- E:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- E:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- E:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- E:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- E:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- E:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- E:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- E:\Windows\SysWow64\mlang.dat
[2008/12/09 11:23:13 | 000,050,640 | RHS- | C] () -- E:\Users\Manuel\AppData\Roaming\appconf32.exe
[2006/12/13 10:03:14 | 000,074,240 | ---- | C] () -- E:\Windows\SysWow64\zlibwapi.dll
========== LOP Check ==========
[2010/12/21 15:02:44 | 000,000,000 | ---D | M] -- E:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[2010/10/21 10:35:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data
[2012/05/20 15:32:00 | 000,000,000 | ---D | M] -- E:\ProgramData\Battle.net
[2012/09/14 02:59:00 | 000,000,000 | ---D | M] -- E:\ProgramData\Cisco
[2012/04/18 15:43:10 | 000,000,000 | -H-D | M] -- E:\ProgramData\Common Files
[2010/10/22 04:24:26 | 000,000,000 | ---D | M] -- E:\ProgramData\DAEMON Tools Lite
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents
[2010/10/21 10:35:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Dokumente
[2010/10/21 10:35:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites
[2012/09/14 13:18:09 | 000,000,000 | ---D | M] -- E:\ProgramData\hsdxpanjnyzxvlu
[2011/05/02 11:14:23 | 000,000,000 | ---D | M] -- E:\ProgramData\Panasonic
[2012/08/27 06:21:56 | 000,000,000 | ---D | M] -- E:\ProgramData\PC-Doctor for Windows
[2012/09/10 14:18:40 | 000,000,000 | ---D | M] -- E:\ProgramData\PCDr
[2012/06/20 11:47:09 | 000,000,000 | ---D | M] -- E:\ProgramData\PixelPlanet
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu
[2010/10/21 10:35:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Startmenü
[2012/09/06 12:17:08 | 000,000,000 | ---D | M] -- E:\ProgramData\TEMP
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates
[2012/09/07 02:41:00 | 000,000,000 | ---D | M] -- E:\ProgramData\tmp
[2011/08/30 11:00:26 | 000,000,000 | ---D | M] -- E:\ProgramData\Uninstall
[2010/10/21 10:35:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Vorlagen
[2012/08/24 08:33:08 | 000,000,000 | ---D | M] -- E:\ProgramData\WildTangent
[2012/08/29 08:19:41 | 000,000,000 | ---D | M] -- E:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010/07/17 01:09:20 | 000,000,000 | -H-D | M] -- E:\ProgramData\{D19C2D22-6043-47E7-B400-83A351841204}
[2012/09/02 09:44:30 | 000,032,632 | ---- | M] () -- E:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 121 bytes -> E:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> E:\ProgramData\TEMP:A8ADE5D8
< End of report >
Nach dem das funktioniert hat habe ich es nochmal mit eingabe des Codes gescannt. Hier diese ergebnisse Code:
OTL logfile created on: 9/18/2012 3:36:00 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 83.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86)
Drive C: | 14.65 Gb Total Space | 7.91 Gb Free Space | 54.02% Space Free | Partition Type: NTFS
Drive E: | 218.20 Gb Total Space | 64.75 Gb Free Space | 29.68% Space Free | Partition Type: NTFS
Drive F: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 7.46 Gb Total Space | 6.56 Gb Free Space | 87.96% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012/08/24 17:46:28 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand] -- E:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012/06/22 01:38:04 | 000,177,144 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/06/22 01:34:52 | 000,218,320 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/06/22 01:33:12 | 000,237,920 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe -- (McShield)
SRV:64bit: - [2012/05/11 00:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012/05/11 00:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/05/11 00:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012/05/11 00:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/05/11 00:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012/05/11 00:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/05/11 00:31:46 | 000,200,728 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2010/02/25 14:03:00 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto] -- E:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/07/16 21:06:22 | 000,033,280 | ---- | M] () [Auto] -- E:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto] -- E:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2009/03/02 14:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto] -- E:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe -- (AESTFilters)
SRV - [2012/09/13 13:25:48 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- E:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- E:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/26 13:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) [Auto] -- E:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012/07/03 15:08:39 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand] -- E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/07 13:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- E:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/13 15:33:27 | 000,075,136 | ---- | M] () [Auto] -- E:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/02/10 05:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand] -- E:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 05:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto] -- E:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/08/18 11:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto] -- E:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010/07/17 00:51:31 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand] -- E:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/04/13 14:11:18 | 000,231,224 | ---- | M] (McAfee, Inc.) [Auto] -- E:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/26 12:19:12 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand] -- E:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- E:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/06/22 01:40:58 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/06/22 01:38:16 | 000,335,784 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- E:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/06/22 01:36:54 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/06/22 01:36:12 | 000,752,672 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- E:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/06/22 01:35:02 | 000,513,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/06/22 01:34:22 | 000,300,392 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/06/22 01:34:00 | 000,169,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/06/15 06:04:12 | 000,073,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- E:\Windows\System32\drivers\McPvDrv.sys -- (McPvDrv)
DRV:64bit: - [2012/04/25 06:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/04/20 10:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/01/18 02:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/10/22 04:25:15 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- E:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/07/12 14:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- E:\Windows\System32\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/04/15 17:40:10 | 000,301,688 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010/04/13 14:10:24 | 000,066,040 | ---- | M] (Mozy, Inc.) [File_System | System] -- E:\Windows\System32\drivers\MOBK.sys -- (MOBKFilter)
DRV:64bit: - [2010/02/25 14:03:00 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/11/06 11:05:32 | 007,370,304 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/16 21:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 21:06:16 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- E:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/05/19 23:10:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand] -- E:\Windows\System32\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/05/08 04:15:18 | 000,215,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- E:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/06/26 11:27:28 | 000,065,520 | ---- | M] (Sonic Solutions) [File_System | System] -- E:\Windows\SysWOW64\drivers\RxFilter.sys -- (RxFilter)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Manuel_ON_E\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=ie&l=en&s=gen
IE - HKU\Manuel_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\Manuel_ON_E\..\URLSearchHook: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - Reg Error: Key error. File not found
IE - HKU\Manuel_ON_E\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - E:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
IE - HKU\Manuel_ON_E\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - Reg Error: Key error. File not found
IE - HKU\Manuel_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Manuel_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\System32\Macromed\Flash\NPSWF64_11_4_402_265.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: E:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: E:\Program Files\McAfee\MSC\npMcSnFFPl64.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: E:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: E:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10: E:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/SAFFPlugin: E:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll (McAfee, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: E:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com: C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions [2010/12/21 15:02:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.630.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/22 11:00:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/09/10 13:37:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/09/07 12:51:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 12:49:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/24 16:29:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/06/21 13:48:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012/09/11 16:33:12 | 000,000,000 | ---D | M]
[2012/04/06 14:56:09 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files (x86)\Mozilla Firefox\extensions
[2012/05/02 15:18:01 | 000,000,000 | ---D | M] (Skype Click to Call) -- E:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/07/03 15:08:41 | 000,085,472 | ---- | M] (Mozilla Foundation) -- E:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/11 06:57:36 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- E:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/25 20:30:28 | 000,001,392 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/06/21 11:08:37 | 000,003,768 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/01/25 20:30:28 | 000,002,252 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/01/25 20:30:28 | 000,001,153 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/04/15 05:29:28 | 000,002,048 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchdrive.xml
[2012/01/25 20:30:28 | 000,006,805 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/07/08 12:31:46 | 000,002,027 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/01/25 20:30:28 | 000,001,178 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/01/25 20:30:28 | 000,001,105 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012/09/11 14:18:14 | 000,000,854 | ---- | M]) - E:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 176.9.96.188 wiki.fosera.com
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - E:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120907184947.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - E:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (SFT_eng7 Toolbar) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - E:\Program Files (x86)\SFT_eng7\prxtbSFT0.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - E:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - E:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - E:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120907184947.dll (McAfee, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - E:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - E:\Program Files (x86)\pdfforge Toolbar\IE\6.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - File not found
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - E:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (SFT_eng7 Toolbar) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - E:\Program Files (x86)\SFT_eng7\prxtbSFT0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - E:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - File not found
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - E:\Program Files (x86)\pdfforge Toolbar\IE\6.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - E:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\Manuel_ON_E\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3:64bit: - HKU\Manuel_ON_E\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O4:64bit: - HKLM..\Run: [Apoint] E:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] E:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] E:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] E:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] E:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Bing Bar] File not found
O4 - HKLM..\Run: [DellSupportCenter] File not found
O4 - HKLM..\Run: [Desktop Disc Tool] E:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [DivXUpdate] E:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [facemoods] E:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [FreePDF Assistant] E:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [LWS] E:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [mcui_exe] E:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SearchSettings] E:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKU\LocalService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\Manuel_ON_E..\Run: [ahffbfpvnjqwcdp] E:\ProgramData\ahffbfpv.exe ()
O4 - HKU\Manuel_ON_E..\Run: [DAEMON Tools Lite] E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\Manuel_ON_E..\Run: [Userinit] E:\Users\Manuel\AppData\Roaming\appconf32.exe ()
O4 - HKU\NetworkService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] E:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKU\LocalService_ON_E..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_E..\RunOnce: [mctadmin] File not found
O4 - HKLM..\RunOnceEx: [ContentMerger] E:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\ContentMerger10.exe (Sonic Solutions)
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - Reg Error: Key error. File not found
O9 - Extra Button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - Reg Error: Key error. File not found
O9 - Extra Button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - E:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - E:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - Manuel_ON_E\..Trusted Domains: internet ([]about in Trusted sites)
O15:64bit: - Manuel_ON_E\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15:64bit: - Manuel_ON_E\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - E:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - E:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - E:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\Manuel_ON_E Winlogon: Shell - (explorer.exe) - E:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Manuel_ON_E Winlogon: Shell - (C:\Users\Manuel\AppData\Roaming\msconfig.dat) - E:\Users\Manuel\AppData\Roaming\msconfig.dat ()
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - File not found - -- [ NTFS ]
O32 - AutoRun File - [2008/05/06 08:26:23 | 000,000,309 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
========== Files/Folders - Created Within 30 Days ==========
[2012/09/14 13:18:08 | 000,000,000 | ---D | C] -- E:\ProgramData\hsdxpanjnyzxvlu
[2012/09/14 02:58:44 | 000,000,000 | -HSD | C] -- E:\Config.Msi
[2012/09/11 16:23:21 | 000,041,472 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\RNDISMP.sys
[2012/09/11 16:23:17 | 000,574,464 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d3d10level9.dll
[2012/09/11 16:23:16 | 000,490,496 | ---- | C] (Microsoft Corporation) -- E:\Windows\SysWow64\d3d10level9.dll
[2012/09/11 16:23:11 | 000,376,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\netio.sys
[2012/09/11 16:23:11 | 000,288,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\FWPKCLNT.SYS
[2012/09/08 08:10:21 | 000,696,520 | ---- | C] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerApp.exe
[2012/09/08 08:10:21 | 000,073,416 | ---- | C] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/09/07 13:26:45 | 000,073,096 | ---- | C] (McAfee, Inc.) -- E:\Windows\System32\drivers\McPvDrv.sys
[2012/09/07 13:26:00 | 000,196,440 | ---- | C] (McAfee, Inc.) -- E:\Windows\System32\drivers\HipShieldK.sys
[2012/09/06 11:28:31 | 000,000,000 | ---D | C] -- E:\ProgramData\TEMP
[2012/09/04 07:43:57 | 000,000,000 | ---D | C] -- E:\Users\Manuel\AppData\Local\Cisco
[2012/09/04 07:43:57 | 000,000,000 | ---D | C] -- E:\ProgramData\Cisco
[2012/09/02 15:01:18 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/08/31 14:00:30 | 000,000,000 | ---D | C] -- E:\Users\Manuel\Desktop\Kathrin Sprache
[2012/08/31 13:09:23 | 000,000,000 | ---D | C] -- E:\Users\Manuel\AppData\Roaming\13001.042
[2012/08/29 08:19:53 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/08/29 08:19:45 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- E:\Windows\System32\GEARAspi64.dll
[2012/08/29 08:19:45 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- E:\Windows\SysWow64\GEARAspi.dll
[2012/08/29 08:17:26 | 000,000,000 | ---D | C] -- E:\Program Files\iPod
[2012/08/29 08:17:24 | 000,000,000 | ---D | C] -- E:\Program Files\iTunes
[2012/08/29 08:17:24 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\iTunes
[2012/08/29 08:17:24 | 000,000,000 | ---D | C] -- E:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/08/29 08:15:14 | 000,000,000 | ---D | C] -- E:\Program Files\Common Files\Apple
[2012/08/29 08:14:29 | 000,000,000 | ---D | C] -- E:\Program Files\Bonjour
[2012/08/29 08:14:29 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Bonjour
[2012/08/27 06:21:58 | 000,000,000 | R--D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/08/27 06:21:56 | 000,000,000 | ---D | C] -- E:\ProgramData\PC-Doctor for Windows
[2 E:\Users\Manuel\AppData\Roaming\*.tmp files -> E:\Users\Manuel\AppData\Roaming\*.tmp -> ]
[1 E:\Windows\SysWow64\*.tmp files -> E:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/09/17 15:04:05 | 1579,438,080 | -HS- | M] () -- E:\hiberfil.sys
[2012/09/17 15:04:05 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
[2012/09/17 14:54:08 | 000,014,240 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/17 14:54:08 | 000,014,240 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/17 14:48:17 | 000,000,045 | ---- | M] () -- E:\Users\Manuel\AppData\Roaming\msconfig.ini
[2012/09/17 05:23:31 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/09/14 13:39:01 | 000,000,884 | ---- | M] () -- E:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/14 13:18:09 | 000,076,348 | ---- | M] () -- E:\ProgramData\ecdamjlmrnawgqm
[2012/09/14 13:15:52 | 000,079,360 | ---- | M] () -- E:\ProgramData\ahffbfpv.exe
[2012/09/14 02:44:01 | 000,000,000 | R--D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/09/14 02:23:35 | 000,659,238 | ---- | M] () -- E:\Windows\System32\perfh007.dat
[2012/09/14 02:23:35 | 000,620,384 | ---- | M] () -- E:\Windows\System32\perfh009.dat
[2012/09/14 02:23:35 | 000,132,776 | ---- | M] () -- E:\Windows\System32\perfc007.dat
[2012/09/14 02:23:35 | 000,108,566 | ---- | M] () -- E:\Windows\System32\perfc009.dat
[2012/09/13 13:25:47 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerApp.exe
[2012/09/13 13:25:47 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/09/11 14:18:14 | 000,000,854 | ---- | M] () -- E:\Windows\System32\drivers\etc\hosts
[2012/09/10 13:37:43 | 000,000,034 | ---- | M] () -- E:\Users\Manuel\AppData\Roaming\blckdom.res
[2012/09/07 04:18:45 | 000,000,000 | R--D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/09/07 04:18:45 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/09/07 04:18:45 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/09/04 05:12:50 | 370,121,771 | ---- | M] () -- E:\Windows\MEMORY.DMP
[2012/08/31 13:09:33 | 000,198,200 | ---- | M] () -- E:\Users\Manuel\AppData\Roaming\AcroIEHelpe205.dll
[2012/08/31 13:09:33 | 000,007,424 | ---- | M] () -- E:\Users\Manuel\AppData\Roaming\BAcroIEHelpe205.dll
[2012/08/29 07:54:30 | 022,765,562 | ---- | M] () -- E:\Users\Manuel\Documents\iPhone_iOS3.1_Benutzerhandbuch.pdf
[2012/08/24 16:29:30 | 000,002,441 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/08/24 08:33:07 | 000,000,000 | R--D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2012/08/22 16:16:02 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
[2012/08/22 16:13:29 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe
[2012/08/22 14:12:40 | 000,376,688 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\drivers\netio.sys
[2012/08/22 14:12:33 | 000,288,624 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\drivers\FWPKCLNT.SYS
[2 E:\Users\Manuel\AppData\Roaming\*.tmp files -> E:\Users\Manuel\AppData\Roaming\*.tmp -> ]
[1 E:\Windows\SysWow64\*.tmp files -> E:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/09/14 13:20:42 | 000,000,045 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\msconfig.ini
[2012/09/14 13:18:09 | 000,079,360 | ---- | C] () -- E:\ProgramData\ahffbfpv.exe
[2012/09/14 13:15:55 | 000,076,348 | ---- | C] () -- E:\ProgramData\ecdamjlmrnawgqm
[2012/09/08 08:10:22 | 000,000,884 | ---- | C] () -- E:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/02 09:48:08 | 370,121,771 | ---- | C] () -- E:\Windows\MEMORY.DMP
[2012/08/31 13:09:33 | 000,198,200 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\AcroIEHelpe205.dll
[2012/08/31 13:09:33 | 000,007,424 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\BAcroIEHelpe205.dll
[2012/08/29 07:54:28 | 022,765,562 | ---- | C] () -- E:\Users\Manuel\Documents\iPhone_iOS3.1_Benutzerhandbuch.pdf
[2012/08/24 16:29:30 | 000,002,441 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/08/24 08:19:24 | 000,000,034 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\blckdom.res
[2012/08/15 06:19:58 | 000,006,400 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\BAcroIEHelpe189.dll
[2012/08/14 12:17:04 | 000,006,400 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\BAcroIEHelpe188.dll
[2012/07/29 07:58:49 | 000,006,400 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\BAcroIEHelpe177.dll
[2012/07/26 12:24:23 | 000,006,400 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\BAcroIEHelpe175.dll
[2012/07/13 09:16:10 | 000,000,024 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\urhtps.dat
[2012/02/13 15:33:33 | 000,234,768 | ---- | C] () -- E:\Windows\SysWow64\PnkBstrB.exe
[2012/02/13 15:33:27 | 000,075,136 | ---- | C] () -- E:\Windows\SysWow64\PnkBstrA.exe
[2012/01/11 12:08:24 | 000,079,360 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\msconfig.dat
[2011/11/27 21:25:51 | 000,007,605 | ---- | C] () -- E:\Users\Manuel\AppData\Local\Resmon.ResmonCfg
[2011/08/01 01:17:32 | 000,081,920 | ---- | C] () -- E:\Windows\SysWow64\MPMapTrace.dll
[2011/08/01 00:37:24 | 000,364,544 | ---- | C] () -- E:\Windows\SysWow64\mpPathan.dll
[2011/07/16 06:35:02 | 000,000,000 | ---- | C] () -- E:\Users\Manuel\AppData\Roaming\bibstats
[2011/06/14 04:55:11 | 000,000,056 | -H-- | C] () -- E:\ProgramData\ezsidmv.dat
[2011/04/26 10:42:24 | 000,252,928 | ---- | C] () -- E:\Windows\SysWow64\DShowRdpFilter.dll
[2011/03/13 12:05:21 | 000,111,932 | ---- | C] () -- E:\Windows\SysWow64\EPPICPrinterDB.dat
[2011/03/13 12:05:21 | 000,024,903 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern3.dat
[2011/03/13 12:05:21 | 000,021,390 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern5.dat
[2011/03/13 12:05:21 | 000,020,148 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern2.dat
[2011/03/13 12:05:21 | 000,011,811 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern4.dat
[2011/03/13 12:05:21 | 000,004,943 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern6.dat
[2011/03/13 12:05:21 | 000,001,146 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_DU.dat
[2011/03/13 12:05:21 | 000,001,139 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011/03/13 12:05:21 | 000,001,139 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011/03/13 12:05:21 | 000,001,136 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011/03/13 12:05:21 | 000,001,129 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011/03/13 12:05:21 | 000,001,129 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011/03/13 12:05:21 | 000,001,120 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_IT.dat
[2011/03/13 12:05:21 | 000,001,107 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_GE.dat
[2011/03/13 12:05:21 | 000,001,104 | ---- | C] () -- E:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011/03/13 12:05:21 | 000,000,097 | ---- | C] () -- E:\Windows\SysWow64\PICSDK.ini
[2011/03/13 12:05:20 | 000,031,053 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern131.dat
[2011/03/13 12:05:20 | 000,027,417 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern121.dat
[2011/03/13 12:05:20 | 000,026,154 | ---- | C] () -- E:\Windows\SysWow64\EPPICPattern1.dat
[2010/05/29 10:22:25 | 000,982,220 | ---- | C] () -- E:\Windows\SysWow64\igkrng500.bin
[2010/05/29 10:22:23 | 000,134,592 | ---- | C] () -- E:\Windows\SysWow64\igfcg500.bin
[2010/05/29 10:22:23 | 000,092,216 | ---- | C] () -- E:\Windows\SysWow64\igfcg500m.bin
[2010/05/29 10:22:22 | 000,439,300 | ---- | C] () -- E:\Windows\SysWow64\igcompkrng500.bin
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- E:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- E:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- E:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- E:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- E:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- E:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- E:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- E:\Windows\SysWow64\mlang.dat
[2008/12/09 11:23:13 | 000,050,640 | RHS- | C] () -- E:\Users\Manuel\AppData\Roaming\appconf32.exe
[2006/12/13 10:03:14 | 000,074,240 | ---- | C] () -- E:\Windows\SysWow64\zlibwapi.dll
========== LOP Check ==========
[2010/12/21 15:02:44 | 000,000,000 | ---D | M] -- E:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
[2010/10/21 10:35:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data
[2012/05/20 15:32:00 | 000,000,000 | ---D | M] -- E:\ProgramData\Battle.net
[2012/09/14 02:59:00 | 000,000,000 | ---D | M] -- E:\ProgramData\Cisco
[2012/04/18 15:43:10 | 000,000,000 | -H-D | M] -- E:\ProgramData\Common Files
[2010/10/22 04:24:26 | 000,000,000 | ---D | M] -- E:\ProgramData\DAEMON Tools Lite
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents
[2010/10/21 10:35:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Dokumente
[2010/10/21 10:35:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites
[2012/09/14 13:18:09 | 000,000,000 | ---D | M] -- E:\ProgramData\hsdxpanjnyzxvlu
[2011/05/02 11:14:23 | 000,000,000 | ---D | M] -- E:\ProgramData\Panasonic
[2012/08/27 06:21:56 | 000,000,000 | ---D | M] -- E:\ProgramData\PC-Doctor for Windows
[2012/09/10 14:18:40 | 000,000,000 | ---D | M] -- E:\ProgramData\PCDr
[2012/06/20 11:47:09 | 000,000,000 | ---D | M] -- E:\ProgramData\PixelPlanet
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu
[2010/10/21 10:35:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Startmenü
[2012/09/06 12:17:08 | 000,000,000 | ---D | M] -- E:\ProgramData\TEMP
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates
[2012/09/07 02:41:00 | 000,000,000 | ---D | M] -- E:\ProgramData\tmp
[2011/08/30 11:00:26 | 000,000,000 | ---D | M] -- E:\ProgramData\Uninstall
[2010/10/21 10:35:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Vorlagen
[2012/08/24 08:33:08 | 000,000,000 | ---D | M] -- E:\ProgramData\WildTangent
[2012/08/29 08:19:41 | 000,000,000 | ---D | M] -- E:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010/07/17 01:09:20 | 000,000,000 | -H-D | M] -- E:\ProgramData\{D19C2D22-6043-47E7-B400-83A351841204}
[2012/09/02 09:44:30 | 000,032,632 | ---- | M] () -- E:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011/05/02 11:29:07 | 000,000,000 | -HSD | M] -- E:\$Recycle.Bin
[2010/11/16 19:40:46 | 000,000,000 | ---D | M] -- E:\c7c3b196c4264b45388d0500028d29e9
[2012/09/14 13:21:44 | 000,000,000 | -HSD | M] -- E:\Config.Msi
[2010/12/12 16:54:34 | 000,000,000 | ---D | M] -- E:\dell
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\Documents and Settings
[2010/10/21 10:35:25 | 000,000,000 | -HSD | M] -- E:\Dokumente und Einstellungen
[2010/05/29 11:29:11 | 000,000,000 | ---D | M] -- E:\Drivers
[2010/10/22 06:34:32 | 000,000,000 | ---D | M] -- E:\e1d6b45990b92d62a244
[2010/07/17 00:50:40 | 000,000,000 | ---D | M] -- E:\Intel
[2011/09/08 03:38:56 | 000,000,000 | ---D | M] -- E:\ManageEngine
[2009/07/13 23:20:08 | 000,000,000 | ---D | M] -- E:\PerfLogs
[2012/08/29 08:17:26 | 000,000,000 | R--D | M] -- E:\Program Files
[2012/09/14 03:02:21 | 000,000,000 | ---D | M] -- E:\Program Files (x86)
[2012/09/14 13:18:09 | 000,000,000 | -H-D | M] -- E:\ProgramData
[2010/10/21 10:35:25 | 000,000,000 | -HSD | M] -- E:\Programme
[2010/10/21 10:51:44 | 000,000,000 | -HSD | M] -- E:\System Recovery
[2012/09/14 05:44:18 | 000,000,000 | -HSD | M] -- E:\System Volume Information
[2010/10/22 06:46:16 | 000,000,000 | ---D | M] -- E:\Temp
[2010/10/21 10:35:35 | 000,000,000 | R--D | M] -- E:\Users
[2012/09/15 07:31:25 | 000,000,000 | ---D | M] -- E:\Windows
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: %LOCALAPPDATA%\*.exe
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- E:\Windows\System32\drivers\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- E:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- E:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- E:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\System32\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20575_none_39c1885e54505643\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- E:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- E:\Windows\SysWOW64\cngaudit.dll
[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- E:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- E:\Windows\System32\cngaudit.dll
[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- E:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EVENTLOG.DLL >
[2007/01/23 11:22:16 | 000,032,890 | ---- | M] () MD5=4FA5D1120762802A741F374F8B391E69 -- E:\Program Files\MATLAB\R2009b\sys\perl\win32\lib\auto\Win32\EventLog\EventLog.dll
< MD5 for: EXPLORER.EXE >
[2010/07/17 03:28:31 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/07/17 03:28:48 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- E:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/07/17 03:28:31 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2010/07/17 03:28:39 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- E:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/07/17 03:28:48 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/07/17 03:28:39 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010/07/17 03:28:48 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/07/17 03:28:39 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/07/17 03:28:48 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010/07/17 03:28:31 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/07/17 03:28:39 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- E:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010/07/17 03:28:31 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- E:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe
< MD5 for: IASTOR.SYS >
[2009/06/04 06:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- E:\Drivers\storage\R228436\f6flpy64\IaStor.sys
[2009/06/04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- E:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009/06/04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- E:\Windows\System32\DriverStore\FileRepository\iaahci.inf_amd64_neutral_7fb62b08f6b7117a\iaStor.sys
[2009/06/04 06:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- E:\Windows\System32\DriverStore\FileRepository\iastor.inf_amd64_neutral_c065a1006c648409\iaStor.sys
[2011/06/14 21:10:14 | 000,557,848 | ---- | M] (Intel Corporation) MD5=4F6FB2CDBDEEFC47E7D2066E78254580 -- E:\Windows\System32\drivers\iaStor.sys
[2011/06/14 21:10:14 | 000,557,848 | ---- | M] (Intel Corporation) MD5=4F6FB2CDBDEEFC47E7D2066E78254580 -- E:\Windows\System32\DriverStore\FileRepository\iaahci.inf_amd64_neutral_e752014ccfa80474\iaStor.sys
[2009/06/04 19:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- E:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
< MD5 for: IASTORV.SYS >
[2010/11/20 09:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- E:\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 09:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- E:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 02:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- E:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- E:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- E:\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- E:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 02:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- E:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 02:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- E:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/13 21:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- E:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009/07/13 21:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- E:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 09:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- E:\Windows\System32\netlogon.dll
[2010/11/20 09:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- E:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 08:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- E:\Windows\SysWOW64\netlogon.dll
[2010/11/20 08:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- E:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/13 21:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- E:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009/07/13 21:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- E:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 02:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- E:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 02:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- E:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/11 02:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- E:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- E:\Windows\System32\drivers\nvstor.sys
[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- E:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- E:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 09:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- E:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 09:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- E:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/13 21:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- E:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/13 21:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- E:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 08:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- E:\Windows\SysWOW64\scecli.dll
[2010/11/20 08:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- E:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 09:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- E:\Windows\System32\scecli.dll
[2010/11/20 09:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- E:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010/11/20 08:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- E:\Windows\SysWOW64\user32.dll
[2010/11/20 08:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- E:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009/07/13 21:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- E:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009/07/13 21:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- E:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010/11/20 09:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- E:\Windows\System32\user32.dll
[2010/11/20 09:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- E:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- E:\Windows\SysWOW64\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- E:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- E:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- E:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- E:\Windows\System32\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- E:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- E:\Windows\System32\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- E:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- E:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010/07/17 03:28:48 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- E:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/07/17 03:28:48 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- E:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009/07/13 20:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- E:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/13 20:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- E:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
Invalid Environment Variable: %USERPROFILE%\*.*
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll
Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 121 bytes -> E:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> E:\ProgramData\TEMP:A8ADE5D8
< End of report >
Ich weiss nicht ob bei denen irgend ein Unterschied ist, aber ich dachte yur Sicherheit stelle ich lieber mal beide online.
Danke und viele Gruesse! |
