Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Copy to shortcut

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 19.06.2011, 11:12   #1
azael
 
Copy to shortcut - Standard

Copy to shortcut



Hallo miteinander,

habe ein Copy to Shortcuy wüstling. Der Otl Scan ergab folgendes:

OTL logfile created on: 6/19/2011 11:12:10 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Finanzamt\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.80 Gb Total Physical Memory | 2.43 Gb Available Physical Memory | 63.81% Memory free
7.60 Gb Paging File | 5.67 Gb Available in Paging File | 74.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 215.78 Gb Total Space | 175.35 Gb Free Space | 81.27% Space Free | Partition Type: NTFS
Drive D: | 62.21 Gb Total Space | 61.18 Gb Free Space | 98.34% Space Free | Partition Type: NTFS

Computer Name: FINANZAMT-PC | User Name: Finanzamt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/19 09:23:26 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Finanzamt\Downloads\OTL.exe
PRC - [2011/06/09 20:34:20 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
PRC - [2011/06/07 17:51:12 | 000,421,160 | ---- | M] (Apple Inc.) -- D:\iTunesHelper.exe
PRC - [2011/06/01 22:44:15 | 001,546,640 | ---- | M] (Bandoo Media, inc) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011/05/25 16:54:58 | 001,617,296 | ---- | M] (Bandoo Media Inc.) -- C:\PROGRA~2\Bandoo\Bandoo.exe
PRC - [2011/05/06 18:15:20 | 000,532,320 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2011/05/06 17:33:00 | 000,393,112 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2011/01/20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- D:\ProgrammeDAEMON Tools Lite\DTLite.exe
PRC - [2010/09/16 22:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/05/06 08:44:44 | 001,749,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2010/04/07 15:40:06 | 000,843,264 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2010/02/10 16:29:52 | 000,719,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2010/01/19 04:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
PRC - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\SysWOW64\Rezip.exe


========== Modules (SafeList) ==========

MOD - [2011/06/19 09:23:26 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Finanzamt\Downloads\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll
MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/10/07 20:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/05/05 08:15:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/06/09 20:34:20 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)
SRV - [2011/05/25 16:54:58 | 001,617,296 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\PROGRA~2\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2011/05/06 17:33:00 | 000,393,112 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011/02/16 15:49:08 | 000,101,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/03/05 09:28:30 | 002,782,552 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\Rezip.exe -- (Rezip)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/06/09 20:30:44 | 000,335,288 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2011/06/09 19:45:21 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2010/11/04 07:27:40 | 010,322,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/05/05 08:47:10 | 006,789,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/05/05 08:47:10 | 006,789,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/05/05 07:23:26 | 000,221,184 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/27 09:57:04 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/04/01 02:25:14 | 000,136,192 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/03/31 02:35:26 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2010/02/27 02:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/01/29 09:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/14 22:46:56 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/28 11:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/08/05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchqu.com/406
IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/06/16 17:26:47 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20110611213303.dll (McAfee, Inc.)
O2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110611213303.dll (McAfee, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll (Bandoo Media, inc)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE (Bandoo Media, inc)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [iTunesHelper] D:\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\ProgrammeDAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~2\wi3c8a~1\datamngr\datamngr.dll) - c:\progra~2\wi3c8a~1\datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~2\wi3c8a~1\datamngr\iebho.dll) - c:\progra~2\wi3c8a~1\datamngr\iebho.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~2\bandoo\bndhook.dll) - c:\progra~2\bandoo\bndhook.dll (Discordia Limited)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/19 08:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/06/16 22:50:14 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2011/06/16 22:49:53 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\Documents\Youcam
[2011/06/15 05:18:54 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/06/15 05:18:54 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/06/15 05:18:53 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/06/15 05:18:53 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/15 05:18:53 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/06/15 05:18:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/15 05:18:53 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/15 05:18:53 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/15 05:18:53 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/06/15 05:18:53 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/06/15 05:18:52 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/06/15 05:18:52 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/06/15 05:18:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/06/15 05:18:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/06/15 05:18:22 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/14 05:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2011/06/11 21:33:08 | 000,000,000 | ---D | C] -- C:\Programme\McAfee.com
[2011/06/11 21:33:03 | 000,009,984 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2011/06/11 21:32:57 | 000,149,032 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2011/06/11 21:32:56 | 000,530,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfehidk.sys
[2011/06/11 21:32:56 | 000,441,840 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfefirek.sys
[2011/06/11 21:32:56 | 000,283,744 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys
[2011/06/11 21:32:56 | 000,190,520 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2011/06/11 21:32:56 | 000,121,376 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeapfk.sys
[2011/06/11 21:32:56 | 000,094,992 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2011/06/11 21:32:56 | 000,075,160 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfenlfk.sys
[2011/06/11 21:32:56 | 000,063,056 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\cfwids.sys
[2011/06/11 17:11:54 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Ilivid Player
[2011/06/11 17:11:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo
[2011/06/11 17:11:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Bandoo
[2011/06/11 17:11:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bandoo
[2011/06/11 17:10:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\{4EF77D37-415C-4195-AE30-904ED23A3940}
[2011/06/11 17:10:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
[2011/06/11 17:10:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLivid
[2011/06/11 17:08:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows iLivid Toolbar
[2011/06/11 17:07:57 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\PackageAware
[2011/06/11 15:49:48 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Passwort Knacker 1.0
[2011/06/11 15:49:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Passwort Knacker 1.0
[2011/06/11 15:44:16 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced PDF-to-Word
[2011/06/11 15:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced PDF-to-Word
[2011/06/11 15:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
[2011/06/11 07:58:55 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2011/06/11 07:58:55 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2011/06/11 07:58:55 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2011/06/11 07:58:55 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2011/06/11 07:58:55 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2011/06/11 07:58:55 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2011/06/11 07:58:55 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2011/06/11 07:58:55 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2011/06/11 07:57:08 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2011/06/10 10:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2011/06/10 10:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pdfforge Toolbar
[2011/06/10 10:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2011/06/10 10:04:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2011/06/10 10:04:47 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2011/06/10 10:04:45 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2011/06/10 10:04:44 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCDE.DLL
[2011/06/10 10:04:44 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6DE.DLL
[2011/06/10 10:04:44 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2011/06/10 10:04:44 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2011/06/10 03:29:37 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011/06/10 03:29:37 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011/06/10 03:29:35 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011/06/10 03:29:35 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011/06/10 03:29:35 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/06/10 03:29:35 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011/06/10 03:29:35 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/06/10 03:29:34 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011/06/10 03:29:34 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011/06/10 03:29:34 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011/06/10 03:29:31 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2011/06/10 03:29:31 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2011/06/10 03:29:29 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2011/06/10 03:29:27 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2011/06/10 03:29:27 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2011/06/10 03:29:27 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2011/06/10 03:29:26 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2011/06/10 03:29:26 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2011/06/10 03:29:26 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2011/06/10 03:29:26 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2011/06/10 03:29:26 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2011/06/10 03:29:24 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2011/06/10 03:28:54 | 005,509,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/06/10 03:28:53 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/06/10 03:28:53 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/06/10 03:28:44 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2011/06/10 03:28:42 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/06/10 03:28:42 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/06/10 03:28:42 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/06/10 03:28:36 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011/06/10 03:28:36 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011/06/10 03:28:36 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/06/10 03:28:36 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/06/10 03:28:34 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2011/06/10 03:28:34 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2011/06/10 03:28:26 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/06/10 03:28:26 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/06/10 03:28:26 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/06/10 03:28:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/06/10 03:27:59 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2011/06/10 03:27:59 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2011/06/10 03:27:59 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2011/06/10 03:27:57 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011/06/10 03:27:57 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011/06/10 03:27:57 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011/06/10 03:27:56 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011/06/10 03:27:45 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2011/06/10 03:27:45 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2011/06/10 03:27:43 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011/06/10 03:27:30 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2011/06/10 03:27:26 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011/06/10 03:27:26 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011/06/10 03:27:26 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011/06/10 03:27:26 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011/06/10 03:27:26 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011/06/10 03:27:26 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011/06/10 03:27:26 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011/06/10 03:27:19 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2011/06/10 03:27:18 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2011/06/10 03:27:17 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2011/06/10 03:27:17 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2011/06/10 03:27:15 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011/06/10 03:27:14 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2011/06/10 03:27:14 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2011/06/10 03:27:12 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011/06/10 03:27:12 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011/06/10 03:27:11 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011/06/10 03:27:11 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011/06/10 03:27:10 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2011/06/10 03:27:04 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011/06/10 03:27:04 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011/06/10 03:26:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2011/06/09 23:37:00 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\vlc
[2011/06/09 23:35:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/06/09 23:35:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011/06/09 23:27:17 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Apple Computer
[2011/06/09 23:27:17 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Apple Computer
[2011/06/09 23:27:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/09 23:27:04 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011/06/09 23:27:04 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011/06/09 23:27:04 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011/06/09 23:26:36 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011/06/09 23:26:36 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011/06/09 23:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/06/09 23:25:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/06/09 23:24:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/06/09 23:24:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/06/09 23:24:30 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Apple
[2011/06/09 23:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/06/09 23:24:14 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2011/06/09 23:24:01 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2011/06/09 23:24:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/06/09 23:23:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/06/09 23:23:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011/06/09 23:21:45 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\WinRAR
[2011/06/09 23:21:45 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/09 23:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/09 20:38:41 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\Documents\Stream Catcher
[2011/06/09 20:36:17 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Diagnostics
[2011/06/09 20:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\DATA BECKER Downloads
[2011/06/09 20:30:44 | 000,335,288 | ---- | C] (Protect Software GmbH) -- C:\Windows\SysNative\drivers\acedrv11.sys
[2011/06/09 20:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProtectDisc Driver Installer
[2011/06/09 20:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProtectDisc
[2011/06/09 20:30:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Components
[2011/06/09 20:30:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DATA BECKER
[2011/06/09 20:30:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared
[2011/06/09 20:30:34 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71.dll
[2011/06/09 20:30:34 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2011/06/09 20:12:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/06/09 20:09:59 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\DivX
[2011/06/09 20:09:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/06/09 20:09:39 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2011/06/09 20:09:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011/06/09 20:09:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011/06/09 20:09:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011/06/09 20:08:39 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011/06/09 19:58:56 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/06/09 19:57:59 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Apps
[2011/06/09 19:57:58 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Deployment
[2011/06/09 19:55:27 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Macromedia
[2011/06/09 19:55:27 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Adobe
[2011/06/09 19:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/06/09 19:53:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011/06/09 19:52:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/06/09 19:52:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011/06/09 19:52:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/06/09 19:50:59 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2011/06/09 19:50:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011/06/09 19:50:29 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Microsoft Help
[2011/06/09 19:50:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/06/09 19:50:02 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/06/09 19:45:21 | 000,254,528 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011/06/09 19:45:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2011/06/09 19:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011/06/09 19:42:39 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\DAEMON Tools Lite
[2011/06/09 19:42:39 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011/06/09 19:35:05 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Google
[2011/06/09 19:35:05 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Google
[2011/06/09 19:33:13 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\ATI
[2011/06/09 19:33:13 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\ATI
[2011/06/09 19:32:38 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/06/09 19:32:38 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Searches
[2011/06/09 19:32:38 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/06/09 19:32:27 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Identities
[2011/06/09 19:32:23 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Contacts
[2011/06/09 19:32:20 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\VirtualStore
[2011/06/09 19:31:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/06/09 19:30:51 | 000,061,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2011/06/09 19:30:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/06/09 19:30:50 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2011/06/09 19:30:00 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2011/06/09 19:30:00 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2011/06/09 19:29:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/06/09 19:27:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2011/06/09 19:27:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/06/09 19:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2011/06/09 19:26:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/06/09 19:26:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/06/09 19:26:22 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/06/09 19:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011/06/09 19:23:27 | 000,000,000 | ---D | C] -- C:\ProgramData\OberonGameConsole
[2011/06/09 19:23:13 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\Documents\My Pictures
[2011/06/09 19:18:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Pack
[2011/06/09 19:18:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Oberon Media
[2011/06/09 19:18:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Game Pack
[2011/06/09 19:18:00 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Adobe
[2011/06/09 19:17:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/06/09 19:16:52 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
[2011/06/09 19:16:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2011/06/09 19:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Vorlagen
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\AppData\Local\Verlauf
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\AppData\Local\Temporary Internet Files
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Startmenü
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\SendTo
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Recent
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Netzwerkumgebung
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Lokale Einstellungen
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Documents\Eigene Videos
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Documents\Eigene Musik
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Eigene Dateien
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Documents\Eigene Bilder
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Druckumgebung
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Cookies
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\AppData\Local\Anwendungsdaten
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Anwendungsdaten
[2011/06/09 19:15:12 | 000,000,000 | --SD | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Videos
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Saved Games
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Pictures
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Music
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Links
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Favorites
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Downloads
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Documents
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Desktop
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/06/09 19:15:12 | 000,000,000 | -H-D | C] -- C:\Users\Finanzamt\AppData
[2011/06/09 19:15:12 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Temp
[2011/06/09 19:15:12 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Microsoft
[2011/06/09 19:15:12 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Media Center Programs
[2011/06/09 19:13:32 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011/06/09 19:13:32 | 000,000,000 | -HSD | C] -- C:\Programme
[2011/06/09 19:13:32 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2011/06/09 19:13:32 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011/06/08 08:13:30 | 000,000,000 | ---D | C] -- C:\windiag

========== Files - Modified Within 30 Days ==========

[2011/06/19 11:03:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3457901039-3679683318-3372754741-1001UA.job
[2011/06/19 08:20:16 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/19 08:20:16 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/19 08:13:34 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2011/06/19 08:11:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/19 08:11:48 | 4081,635,328 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/19 07:32:24 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3457901039-3679683318-3372754741-1001Core.job
[2011/06/16 19:07:25 | 000,050,455 | ---- | M] () -- C:\Users\Finanzamt\Documents\Kinopark Aalen.pdf
[2011/06/16 18:24:20 | 000,419,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/16 17:28:36 | 000,002,425 | ---- | M] () -- C:\Users\Finanzamt\Desktop\Google Chrome.lnk
[2011/06/14 06:40:39 | 001,802,864 | ---- | M] () -- C:\Users\Finanzamt\Desktop\Kommunikation.pdf
[2011/06/11 23:22:54 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/11 23:22:54 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011/06/11 23:22:54 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/11 23:22:54 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011/06/11 23:22:54 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/11 18:33:53 | 004,787,762 | ---- | M] () -- C:\Users\Finanzamt\Desktop\610_06_mp_pmgt1.pdf
[2011/06/11 17:10:25 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2011/06/11 15:49:48 | 000,000,622 | ---- | M] () -- C:\Users\Finanzamt\Desktop\PDF Passwort Knacker 1.0.lnk
[2011/06/11 15:49:47 | 000,080,896 | ---- | M] () -- C:\Windows\cadkasdeinst01.exe
[2011/06/11 15:43:47 | 000,754,344 | ---- | M] () -- C:\Users\Finanzamt\Desktop\advancedpdf2word_trial.exe
[2011/06/11 15:40:35 | 000,000,586 | ---- | M] () -- C:\Users\Finanzamt\Desktop\Free PDF to Word Doc Converter.lnk
[2011/06/11 10:53:53 | 000,718,844 | ---- | M] () -- C:\Users\Finanzamt\Desktop\GlobalNetworking.png
[2011/06/10 20:27:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/06/10 10:09:24 | 000,045,241 | ---- | M] () -- C:\Users\Finanzamt\Documents\prüfungsplan.pdf
[2011/06/10 10:04:49 | 000,000,560 | ---- | M] () -- C:\Users\Finanzamt\Desktop\PDFCreator.lnk
[2011/06/09 23:35:23 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/06/09 20:44:23 | 007,531,487 | ---- | M] () -- C:\Users\Finanzamt\Desktop\MSD_0.655.rar
[2011/06/09 20:30:44 | 000,335,288 | ---- | M] (Protect Software GmbH) -- C:\Windows\SysNative\drivers\acedrv11.sys
[2011/06/09 20:30:36 | 000,001,612 | ---- | M] () -- C:\Users\Public\Desktop\Stream Catcher 2 FREE.lnk
[2011/06/09 20:12:27 | 000,001,448 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/09 20:10:15 | 000,001,621 | ---- | M] () -- C:\Users\Finanzamt\Desktop\DivX Movies.lnk
[2011/06/09 20:09:58 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2011/06/09 20:09:36 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2011/06/09 19:45:21 | 000,254,528 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011/06/09 19:44:57 | 000,000,708 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011/06/09 19:33:12 | 000,001,121 | ---- | M] () -- C:\Users\Finanzamt\Desktop\CyberLink YouCam.lnk
[2011/06/09 19:32:11 | 000,001,076 | ---- | M] () -- C:\Users\Finanzamt\Desktop\Ihre Meinung ist wichtig.lnk
[2011/06/09 19:23:38 | 000,002,074 | ---- | M] () -- C:\Users\Public\Desktop\Game Pack.lnk
[2011/06/09 19:23:38 | 000,000,033 | ---- | M] () -- C:\Windows\0
[2011/06/09 19:15:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\144D_SAMSUNG_N_R530_08JV.mrk
[2011/06/09 12:12:21 | 000,052,870 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/06/09 12:12:21 | 000,052,870 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/05/25 16:55:28 | 001,524,112 | ---- | M] () -- C:\Windows\SysWow64\bandoolmx.dll

========== Files Created - No Company Name ==========

[2011/06/16 19:07:23 | 000,050,455 | ---- | C] () -- C:\Users\Finanzamt\Documents\Kinopark Aalen.pdf
[2011/06/14 06:40:51 | 001,802,864 | ---- | C] () -- C:\Users\Finanzamt\Desktop\Kommunikation.pdf
[2011/06/12 07:30:48 | 002,137,707 | ---- | C] () -- C:\Users\Finanzamt\Desktop\383490290XPlanung.pdf
[2011/06/12 07:29:29 | 002,620,119 | ---- | C] () -- C:\Users\Finanzamt\Desktop\3834902225Scorecard.pdf
[2011/06/11 18:33:55 | 004,787,762 | ---- | C] () -- C:\Users\Finanzamt\Desktop\610_06_mp_pmgt1.pdf
[2011/06/11 17:11:25 | 001,524,112 | ---- | C] () -- C:\Windows\SysWow64\bandoolmx.dll
[2011/06/11 17:10:25 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2011/06/11 15:49:48 | 000,000,622 | ---- | C] () -- C:\Users\Finanzamt\Desktop\PDF Passwort Knacker 1.0.lnk
[2011/06/11 15:49:47 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2011/06/11 15:43:45 | 000,754,344 | ---- | C] () -- C:\Users\Finanzamt\Desktop\advancedpdf2word_trial.exe
[2011/06/11 15:40:35 | 000,000,586 | ---- | C] () -- C:\Users\Finanzamt\Desktop\Free PDF to Word Doc Converter.lnk
[2011/06/11 10:53:52 | 000,718,844 | ---- | C] () -- C:\Users\Finanzamt\Desktop\GlobalNetworking.png
[2011/06/10 20:27:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/06/10 10:09:38 | 000,045,241 | ---- | C] () -- C:\Users\Finanzamt\Documents\prüfungsplan.pdf
[2011/06/10 10:04:49 | 000,000,560 | ---- | C] () -- C:\Users\Finanzamt\Desktop\PDFCreator.lnk
[2011/06/10 10:04:45 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll
[2011/06/09 23:35:23 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/06/09 23:24:29 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/06/09 20:44:19 | 007,531,487 | ---- | C] () -- C:\Users\Finanzamt\Desktop\MSD_0.655.rar
[2011/06/09 20:30:36 | 000,001,612 | ---- | C] () -- C:\Users\Public\Desktop\Stream Catcher 2 FREE.lnk
[2011/06/09 20:12:26 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/09 20:12:26 | 000,001,448 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/09 20:10:15 | 000,001,621 | ---- | C] () -- C:\Users\Finanzamt\Desktop\DivX Movies.lnk
[2011/06/09 20:09:58 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2011/06/09 20:09:36 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2011/06/09 19:59:00 | 000,002,425 | ---- | C] () -- C:\Users\Finanzamt\Desktop\Google Chrome.lnk
[2011/06/09 19:58:28 | 000,001,136 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3457901039-3679683318-3372754741-1001UA.job
[2011/06/09 19:58:27 | 000,001,084 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3457901039-3679683318-3372754741-1001Core.job
[2011/06/09 19:44:57 | 000,000,708 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011/06/09 19:32:54 | 000,001,409 | ---- | C] () -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/06/09 19:32:48 | 000,001,443 | ---- | C] () -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/06/09 19:32:11 | 000,001,076 | ---- | C] () -- C:\Users\Finanzamt\Desktop\Ihre Meinung ist wichtig.lnk
[2011/06/09 19:23:38 | 000,002,074 | ---- | C] () -- C:\Users\Public\Desktop\Game Pack.lnk
[2011/06/09 19:23:38 | 000,000,033 | ---- | C] () -- C:\Windows\0
[2011/06/09 19:18:32 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011/06/09 19:16:52 | 000,001,121 | ---- | C] () -- C:\Users\Finanzamt\Desktop\CyberLink YouCam.lnk
[2011/06/09 19:15:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\144D_SAMSUNG_N_R530_08JV.mrk
[2011/03/11 03:20:29 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/03/11 03:20:29 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2011/03/11 03:20:29 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2011/03/11 03:20:27 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011/03/11 03:20:25 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/06/01 19:03:25 | 000,002,110 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/06/01 18:56:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/06/01 03:58:24 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2010/06/01 03:12:53 | 000,001,612 | ---- | C] () -- C:\Windows\HotFixList.ini
[2010/06/01 03:04:55 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\Rezip.exe
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/07/13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 23:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 23:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >

wie gehts jetzz weiter??

Alt 19.06.2011, 15:40   #2
markusg
/// Malware-holic
 
Copy to shortcut - Standard

Copy to shortcut



hi, gehts bitte genauer, problembeschreibung wäre nett.
__________________

__________________

Antwort

Themen zu Copy to shortcut
64-bit, adobe, autorun, bandoo, becker, bho, bonjour, browser, error, explorer, explorer.exe, firefox, format, home, ilivid, logfile, microsoft, mozilla, otl scan, pdfforge toolbar, phishing, realtek, registry, scan, searchqu toolbar, security, senden, shortcut, siteadvisor, software, spigot, start menu, symantec, syswow64, webcheck, windows, winlogon



Ähnliche Themen: Copy to shortcut


  1. Windows 8: Ordner werden als shortcut angezeigt, tlw. auch USB-Sticks
    Log-Analyse und Auswertung - 30.05.2015 (21)
  2. Win 7 - Paypal Mail erhalten - Kaspersky meldet hao123 desktop shortcut
    Log-Analyse und Auswertung - 04.08.2014 (14)
  3. Flash Drive Shortcut Virus wtbchkxbde..vbs
    Plagegeister aller Art und deren Bekämpfung - 01.05.2014 (33)
  4. http://search.certified-toolbar.com/?si=41460&st=shortcut&tid=3192 und andere Probleme
    Plagegeister aller Art und deren Bekämpfung - 12.02.2013 (38)
  5. http://search.certified-toolbar.com/?si=41460&st=shortcut&tid=3192 und andere Probleme
    Mülltonne - 26.01.2013 (3)
  6. http://search.certified-toolbar.com/?si=41460&st=shortcut&tid=3192 und andere Probleme
    Mülltonne - 26.01.2013 (1)
  7. Usb stick & sd karte zeigen nur noch verknüpfungen an (shortcut)
    Log-Analyse und Auswertung - 19.02.2012 (3)
  8. Ordner als shortcut angezeigt auf ein usb external hd
    Plagegeister aller Art und deren Bekämpfung - 30.11.2011 (9)
  9. Copy.exe und Host.exe Workaround
    Alles rund um Windows - 15.04.2011 (1)
  10. "Copy of Shortcut to (1).ink" (virus?) auf USBstick- Datenübertragung ohne virenübertragung möglich?
    Plagegeister aller Art und deren Bekämpfung - 03.01.2011 (9)
  11. Mutierte Copy.exe und co ?
    Plagegeister aller Art und deren Bekämpfung - 06.04.2010 (4)
  12. copy.exe entgültig entfernen
    Plagegeister aller Art und deren Bekämpfung - 30.03.2010 (2)
  13. copy.exe/host.exe auf Wechseldatenträgerm
    Plagegeister aller Art und deren Bekämpfung - 22.12.2009 (17)
  14. copy.exe, generic.vdt, andere Bedrohungen
    Mülltonne - 26.12.2008 (0)
  15. svchost.exe, copy.exe
    Plagegeister aller Art und deren Bekämpfung - 18.07.2008 (10)

Zum Thema Copy to shortcut - Hallo miteinander, habe ein Copy to Shortcuy wüstling. Der Otl Scan ergab folgendes: OTL logfile created on: 6/19/2011 11:12:10 AM - Run 1 OTL by OldTimer - Version 3.2.24.1 Folder - Copy to shortcut...
Archiv
Du betrachtest: Copy to shortcut auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.