| |
| |||||||
Log-Analyse und Auswertung: BKA-Trojaner Win 7 Lenovo-NotebookWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
19.06.2013, 21:14
| #1 |
| |  BKA-Trojaner Win 7 Lenovo-Notebook Hallo, ich habe mir heute morgen den BKA-Trojaner auf meinen Notebook eingefangen. Ich habe bereits die Reatogo-CD erstellt und OTLPE wie im OTLpe-Thema besprochen ausgeführt. Hier der Inhalt der OTL Inhalt: bzw. im Anhang irgendwie hat das mit dem Inhalt einfügen nicht geklappt Wie geht es weiter??? Vielen Dank Sven EDIT: hier jetzt der Inhalt Upload und Table hat nicht funktioniert SorryOTL Logfile: Code:
ATTFilter OTL logfile created on: 6/20/2013 2:54:50 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = E: | %SystemRoot% = E:\windows | %ProgramFiles% = E:\Program Files (x86)
Drive C: | 200.00 Mb Total Space | 171.81 Mb Free Space | 85.91% Space Free | Partition Type: NTFS
Drive D: | 29.00 Gb Total Space | 27.81 Gb Free Space | 95.92% Space Free | Partition Type: NTFS
Drive E: | 552.22 Gb Total Space | 327.73 Gb Free Space | 59.35% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010/04/20 09:29:08 | 000,903,456 | ---- | M] (Broadcom Corporation.) [Auto] -- E:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/02/05 10:43:20 | 000,311,296 | ---- | M] (Realtek Semiconductor Corp.) [Auto] -- E:\Program Files\Realtek\RtLED\RtLEDService.exe -- (RtLedService)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008/05/07 19:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto] -- E:\windows\System32\Crypserv.exe -- (Crypkey License)
SRV - [2013/06/03 05:57:49 | 003,085,264 | ---- | M] () [Auto] -- E:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2013/05/28 09:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) [Auto] -- E:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/25 12:51:46 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/21 10:28:26 | 002,839,592 | ---- | M] (Iminent) [Auto] -- E:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe -- (SProtection)
SRV - [2013/04/12 06:37:24 | 000,031,744 | ---- | M] () [Auto] -- E:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe -- (SrvUpdater)
SRV - [2013/03/22 00:07:18 | 000,093,072 | ---- | M] (TomTom) [Auto] -- E:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/10/21 09:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto] -- E:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 11:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/05/27 23:14:02 | 000,709,488 | ---- | M] (Egis Technology Inc. ) [Auto] -- E:\Program Files (x86)\EgisTec BioExcess\EgisService.exe -- (EgisTec Service)
SRV - [2010/05/27 23:13:38 | 000,314,736 | ---- | M] (Egis Technology Inc. ) [Auto] -- E:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe -- (EgisTec Data Security Service)
SRV - [2010/05/19 13:21:26 | 000,322,416 | ---- | M] (Egis Technology Inc. ) [Auto] -- E:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe -- (EgisTec Service Help)
SRV - [2010/04/07 01:23:00 | 001,800,808 | ---- | M] (NVIDIA Corporation) [Auto] -- E:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/30 08:02:38 | 002,320,920 | ---- | M] (Intel Corporation) [Auto] -- E:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/09/30 08:02:36 | 000,268,824 | ---- | M] (Intel Corporation) [Auto] -- E:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/09/22 13:16:32 | 000,579,400 | ---- | M] (Lenovo Group Limited) [On_Demand] -- E:\Program Files (x86)\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)
SRV - [2009/08/14 09:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand] -- E:\Program Files (x86)\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)
SRV - [2009/07/14 09:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [Auto] -- E:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)
SRV - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) [Auto] -- E:\windows\SysWow64\IgrsSvcs.exe -- (ReadyComm.DirectRouter)
SRV - [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand] -- E:\windows\SysWow64\IgrsSvcs.exe -- (PS_MDP)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- E:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 15:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- E:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/05/31 12:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 12:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/12/26 03:18:01 | 000,116,480 | ---- | M] (AVM Berlin) [Kernel | On_Demand] -- E:\Windows\System32\drivers\avmaudio.sys -- (avmaudio)
DRV:64bit: - [2012/12/26 03:17:50 | 000,116,480 | ---- | M] (AVM Berlin) [Kernel | On_Demand] -- E:\Windows\System32\drivers\avmaura.sys -- (avmaura)
DRV:64bit: - [2012/12/13 08:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/20 14:17:05 | 001,041,920 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\WlanGZG.sys -- (XG762_VS)
DRV:64bit: - [2011/01/26 08:46:09 | 000,513,080 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- E:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/01/26 08:38:27 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System] -- E:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010/12/24 09:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand] -- E:\Windows\System32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV:64bit: - [2010/12/24 09:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand] -- E:\Windows\System32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV:64bit: - [2010/12/24 09:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand] -- E:\Windows\System32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV:64bit: - [2010/12/24 09:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand] -- E:\Windows\System32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV:64bit: - [2010/12/24 09:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand] -- E:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/26 23:04:46 | 000,055,880 | ---- | M] (Egis Technology Inc.) [File_System | System] -- E:\Windows\System32\drivers\EgisTecFF.sys -- (EgisTecFF)
DRV:64bit: - [2010/08/26 22:52:22 | 000,035,888 | ---- | M] (EgisTec) [Kernel | Auto] -- E:\Windows\System32\drivers\FPSensor.sys -- (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys)
DRV:64bit: - [2010/08/26 22:52:20 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- E:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2010/08/26 22:52:20 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System] -- E:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2010/08/26 22:52:20 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- E:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2010/08/25 14:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/05/10 06:17:50 | 000,229,488 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\vm332avs.sys -- (vm332avs)
DRV:64bit: - [2010/04/08 12:11:12 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010/03/24 05:57:20 | 000,243,744 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/02/25 13:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/22 06:03:44 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/02/02 11:52:02 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/02/02 03:38:30 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010/01/15 14:08:34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot] -- E:\Windows\System32\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2009/10/18 20:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2009/09/17 00:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/07/21 10:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand] -- E:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009/07/16 06:55:34 | 000,011,280 | ---- | M] (Lenovo) [Kernel | On_Demand] -- E:\Windows\System32\drivers\WDMirror.sys -- (wdmirror)
DRV:64bit: - [2009/07/15 22:38:20 | 000,079,376 | ---- | M] (Lenovo) [Kernel | On_Demand] -- E:\Windows\System32\drivers\WDBridge.sys -- (Bridge0)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- E:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 16:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2008/03/17 13:12:26 | 000,028,664 | ---- | M] () [Kernel | System] -- E:\windows\system32\ckldrv.sys -- (NetworkX)
DRV:64bit: - [2006/06/02 05:23:48 | 000,493,696 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\WlanUZ64.sys -- (ZY760_64)
DRV - [2006/06/02 05:23:48 | 000,493,696 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand] -- E:\Windows\SysWOW64\drivers\WlanUZ64.SYS -- (ZY760_64)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\lindenau_ON_E\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119403&tt=300513_ctrl&babsrc=HP_ss&mntrId=0430002682AAD5E9
IE - HKU\lindenau_ON_E\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\lindenau_ON_E\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\lindenau_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=119403&tt=300513_ctrl&babsrc=HP_ss&mntrId=0430002682AAD5E9
IE - HKU\lindenau_ON_E\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
IE - HKU\lindenau_ON_E\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - E:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\lindenau_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\lindenau_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\LocalService_ON_E\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - E:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\NetworkService_ON_E\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - E:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\UpdatusUser_ON_E\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.lenovo.com
IE - HKU\UpdatusUser_ON_E\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\UpdatusUser_ON_E\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\UpdatusUser_ON_E\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]
IE - HKU\UpdatusUser_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lenovo.com
IE - HKU\UpdatusUser_ON_E\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - E:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\UpdatusUser_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\System32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: E:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: E:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: E:\Users\lindenau\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Users\lindenau\AppData\Roaming\Mozilla\Firefox\Profiles\5zhglm63.default\extensions\webbooster@iminent.com [2013/06/01 10:36:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011/11/13 13:39:53 | 000,000,000 | ---D | M] (No name found) -- E:\Users\lindenau\AppData\Roaming\Mozilla\Extensions
[2011/11/13 13:39:53 | 000,000,000 | ---D | M] (No name found) -- E:\Users\lindenau\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2013/06/01 10:37:02 | 000,000,000 | ---D | M] (No name found) -- E:\Users\lindenau\AppData\Roaming\Mozilla\Firefox\Profiles\5zhglm63.default\extensions
[2013/04/14 23:24:57 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- E:\Users\lindenau\AppData\Roaming\Mozilla\Firefox\Profiles\5zhglm63.default\extensions\fb_add_on@avm.de
[2013/06/01 10:33:47 | 000,000,000 | ---D | M] (Delta Toolbar) -- E:\Users\lindenau\AppData\Roaming\Mozilla\Firefox\Profiles\5zhglm63.default\extensions\ffxtlbr@delta.com
[2013/02/08 13:10:19 | 000,000,000 | ---D | M] (Ask Toolbar) -- E:\Users\lindenau\AppData\Roaming\Mozilla\Firefox\Profiles\5zhglm63.default\extensions\toolbar@ask.com
[2013/06/01 10:36:48 | 000,000,000 | ---D | M] (Iminent Minibar) -- E:\Users\lindenau\AppData\Roaming\Mozilla\Firefox\Profiles\5zhglm63.default\extensions\webbooster@iminent.com
[2013/02/08 13:10:19 | 000,002,308 | ---- | M] () -- E:\Users\lindenau\AppData\Roaming\Mozilla\Firefox\Profiles\5zhglm63.default\searchplugins\askcom.xml
[2013/06/01 10:33:29 | 000,006,511 | ---- | M] () -- E:\Users\lindenau\AppData\Roaming\Mozilla\Firefox\Profiles\5zhglm63.default\searchplugins\babylon.xml
[2013/06/01 10:33:49 | 000,001,294 | ---- | M] () -- E:\Users\lindenau\AppData\Roaming\Mozilla\Firefox\Profiles\5zhglm63.default\searchplugins\delta.xml
[2013/06/01 10:34:08 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files (x86)\Mozilla Firefox\Extensions
[2013/05/25 12:51:48 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/05/25 12:51:48 | 000,000,000 | ---D | M] (Default) -- E:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) --
() (No name found) -- E:\USERS\LINDENAU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5ZHGLM63.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - E:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - E:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEPwdBankBHO Class) - {56CBB761-DA41-4E31-B270-B13B4B0A61D0} - E:\Program Files (x86)\EgisTec BioExcess\EgisIEPwdBank.dll (Egis Technology Inc. )
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - E:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - E:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - E:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - E:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - E:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - E:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - E:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - E:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - E:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - E:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\lindenau_ON_E\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\lindenau_ON_E\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - E:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\lindenau_ON_E\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - E:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3:64bit: - HKU\lindenau_ON_E\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\lindenau_ON_E\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [Energy Management] E:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] E:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [ETDWare] E:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] E:\Windows\System32\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] E:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] E:\Windows\System32\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] E:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] E:\Windows\System32\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] E:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] E:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] E:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [332BigDog] E:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Vimicro)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] E:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] E:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] E:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] E:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [GrooveMonitor] E:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Iminent] E:\Program Files (x86)\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] E:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent)
O4 - HKLM..\Run: [IMSS] E:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe ()
O4 - HKLM..\Run: [iTunesHelper] E:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [PLTSR] E:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe (Egis Technology Inc. )
O4 - HKLM..\Run: [SunJavaUpdateSched] E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UCam_Menu] E:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] E:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] E:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VitaKeyTSR] E:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe (Egis Technology Inc. )
O4 - HKLM..\Run: [YouCam Mirror Tray icon] E:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\lindenau_ON_E..\Run: [{890DCACB-E4ED-AD7F-60A3-E4DC5E20C7C1}] E:\Users\lindenau\AppData\Roaming\Ajevvi\luxe.exe (Madison Media Software, Inc.)
O4 - HKU\lindenau_ON_E..\Run: [AVMUSBFernanschluss] E:\Users\lindenau\AppData\Local\Apps\2.0\T7PAYA51.71K\G6QK145W.V4P\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe (AVM Berlin)
O4 - HKU\lindenau_ON_E..\Run: [DAEMON Tools Lite] E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\lindenau_ON_E..\Run: [Luxe] E:\Users\lindenau\AppData\Roaming\Ajevvi\luxe.exe (Madison Media Software, Inc.)
O4 - HKU\lindenau_ON_E..\Run: [ReadyComm5] E:\Program Files (x86)\Lenovo\ReadyComm\ReadyComm.exe (Lenovo Group Limited)
O4 - HKU\lindenau_ON_E..\Run: [swg] E:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\lindenau_ON_E..\Run: [TomTomHOME.exe] E:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\LocalService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_E..\Run: [FactoryTest] File not found
O4 - HKU\UpdatusUser_ON_E..\Run: [Power2GoExpress] E:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe (Cyberlink)
O4 - HKU\UpdatusUser_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] File not found
O4 - HKU\.DEFAULT..\RunOnce: [WLStart] E:\Program Files (x86)\Windows Live\Installer\wlstart.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_E..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_E..\RunOnce: [mctadmin] File not found
O4 - HKU\UpdatusUser_ON_E..\RunOnce: [mctadmin] File not found
O4 - Startup: E:\Users\lindenau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\UpdatusUser_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - E:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - E:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - E:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - E:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - E:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - E:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - E:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - E:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - E:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - E:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - E:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - E:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - E:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - E:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - E:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - E:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - E:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - E:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - E:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - E:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - E:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - E:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - E:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - E:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - E:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - E:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - E:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - E:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - E:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - E:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - E:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - E:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - E:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - lindenau_ON_E\..Trusted Domains: fritz.repeater ([]* in Local intranet)
O15:64bit: - lindenau_ON_E\..Trusted Ranges: Range1 ([*] in Local intranet)
O16:64bit: - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16:64bit: - DPF: {C4B977A3-E8A2-37E9-ADCD-2597FAAC61F5} hxxp://shop.lenovo.com/SEUILibrary/lenovo-portal/cab/autodetect/MachineInfo.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - E:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - E:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - E:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - E:\Windows\System32\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - E:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - E:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - E:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - E:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - E:\Windows\System32\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - E:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - E:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - E:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - E:\windows\System32\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - E:\windows\System32\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - E:\windows\System32\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - E:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - E:\Windows\System32\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - E:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - E:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - E:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - E:\Windows\System32\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - E:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\lindenau_ON_E Winlogon: Shell - (explorer.exe) - E:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\lindenau_ON_E Winlogon: Shell - (C:\Users\lindenau\AppData\Roaming\skype.dat) - E:\Users\lindenau\AppData\Roaming\skype.dat ()
O20:64bit: - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - E:\windows\System32\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - E:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - E:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - E:\windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - E:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - E:\windows\System32\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - E:\windows\System32\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - E:\windows\System32\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - E:\windows\System32\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - E:\windows\System32\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - E:\windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - E:\windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - E:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - E:\windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - E:\windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - E:\windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - E:\windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/06/19 23:50:35 | 000,000,000 | ---D | C] -- E:\_OTL
[2013/06/19 22:43:25 | 000,000,000 | -HSD | C] -- E:\RECYCLER
[2013/06/16 04:58:47 | 000,163,328 | ---- | C] (Adobe Systems Incorporated) -- E:\windows\SysWow64\FlashPlayerUpdateService.exe
[2013/06/16 04:58:45 | 000,000,000 | ---D | C] -- E:\Users\lindenau\AppData\Roaming\File Scout
[2013/06/15 14:01:37 | 000,000,000 | ---D | C] -- E:\Users\lindenau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
[2013/06/01 11:06:28 | 000,000,000 | ---D | C] -- E:\Users\lindenau\Documents\Aimersoft DRM Media Converter
[2013/06/01 11:04:27 | 000,029,288 | ---- | C] (Wondershare) -- E:\windows\System32\drivers\WsAudio_DeviceS(5).sys
[2013/06/01 11:03:18 | 000,029,288 | ---- | C] (Wondershare) -- E:\windows\System32\drivers\WsAudio_DeviceS(4).sys
[2013/06/01 11:02:14 | 000,029,288 | ---- | C] (Wondershare) -- E:\windows\System32\drivers\WsAudio_DeviceS(3).sys
[2013/06/01 11:01:02 | 000,029,288 | ---- | C] (Wondershare) -- E:\windows\System32\drivers\WsAudio_DeviceS(2).sys
[2013/06/01 11:00:16 | 000,029,288 | ---- | C] (Wondershare) -- E:\windows\System32\drivers\WsAudio_DeviceS(1).sys
[2013/06/01 11:00:13 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aimersoft
[2013/06/01 11:00:07 | 000,892,928 | ---- | C] (Free Software Foundation) -- E:\windows\SysWow64\iconv.dll
[2013/06/01 11:00:03 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Aimersoft
[2013/06/01 10:38:15 | 000,164,144 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\COMCT232.OCX
[2013/06/01 10:38:15 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
[2013/06/01 10:38:12 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- E:\windows\SysWow64\AudioInfos.dll
[2013/06/01 10:38:12 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- E:\windows\SysWow64\AudioVisu.dll
[2013/06/01 10:38:12 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- E:\windows\SysWow64\AudPlayer.dll
[2013/06/01 10:38:12 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- E:\windows\SysWow64\AudioRecord.dll
[2013/06/01 10:38:12 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- E:\windows\SysWow64\WMAFile.dll
[2013/06/01 10:38:11 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- E:\windows\SysWow64\AudDesign.dll
[2013/06/01 10:38:11 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- E:\windows\SysWow64\AudFile.dll
[2013/06/01 10:38:11 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- E:\windows\SysWow64\AudDisplay.dll
[2013/06/01 10:38:11 | 000,224,016 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\TABCTL32.OCX
[2013/06/01 10:38:11 | 000,152,848 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\COMDLG32.OCX
[2013/06/01 10:38:11 | 000,141,312 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\MSCMCFR.DLL
[2013/06/01 10:38:11 | 000,119,568 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\VB6FR.DLL
[2013/06/01 10:38:11 | 000,115,920 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\msinet.OCX
[2013/06/01 10:38:11 | 000,101,888 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\VB6STKIT.DLL
[2013/06/01 10:38:11 | 000,059,904 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\Mscc2fr.dll
[2013/06/01 10:38:11 | 000,032,768 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\CMDLGFR.DLL
[2013/06/01 10:38:11 | 000,021,504 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\TABCTFR.DLL
[2013/06/01 10:38:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\inetfr.DLL
[2013/06/01 10:38:10 | 000,307,200 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\msvcr70.dll
[2013/06/01 10:38:10 | 000,000,000 | ---D | C] -- E:\Users\lindenau\AppData\Roaming\FreeAudioPack
[2013/06/01 10:38:10 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Free mp3 Wma Converter
[2013/06/01 10:37:27 | 000,000,000 | ---D | C] -- E:\Users\lindenau\AppData\Roaming\Iminent
[2013/06/01 10:37:10 | 000,000,000 | ---D | C] -- E:\ProgramData\Iminent
[2013/06/01 10:36:38 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
[2013/06/01 10:36:37 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Umbrella
[2013/06/01 10:36:36 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Iminent
[2013/06/01 10:34:40 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\SoftwareUpdater
[2013/06/01 10:34:03 | 000,000,000 | ---D | C] -- E:\ProgramData\BrowserProtect
[2013/06/01 10:33:53 | 000,000,000 | ---D | C] -- E:\Users\lindenau\AppData\Roaming\BabSolution
[2013/06/01 10:33:47 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Delta
[2013/06/01 10:33:46 | 000,000,000 | ---D | C] -- E:\Users\lindenau\AppData\Roaming\Delta
[2013/06/01 10:33:13 | 000,000,000 | ---D | C] -- E:\Users\lindenau\AppData\Roaming\Babylon
[2013/06/01 10:33:13 | 000,000,000 | ---D | C] -- E:\ProgramData\Babylon
[2013/05/25 12:51:37 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Mozilla Firefox
[2013/05/25 11:14:55 | 003,958,784 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\jscript9.dll
[2013/05/25 11:14:55 | 002,877,440 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\jscript9.dll
[2013/05/25 11:14:55 | 001,509,376 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\inetcpl.cpl
[2013/05/25 11:14:55 | 001,441,280 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\inetcpl.cpl
[2013/05/25 11:14:55 | 001,400,416 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\ieapfltr.dat
[2013/05/25 11:14:55 | 001,400,416 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\ieapfltr.dat
[2013/05/25 11:14:55 | 001,054,720 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\MsSpellCheckingFacility.exe
[2013/05/25 11:14:55 | 000,905,728 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\mshtmlmedia.dll
[2013/05/25 11:14:55 | 000,855,552 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\jscript.dll
[2013/05/25 11:14:55 | 000,762,368 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\ieapfltr.dll
[2013/05/25 11:14:55 | 000,719,360 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\mshtmlmedia.dll
[2013/05/25 11:14:55 | 000,690,688 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\jscript.dll
[2013/05/25 11:14:55 | 000,629,248 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\ieapfltr.dll
[2013/05/25 11:14:55 | 000,603,136 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\msfeeds.dll
[2013/05/25 11:14:55 | 000,599,552 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\vbscript.dll
[2013/05/25 11:14:55 | 000,526,336 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\ieui.dll
[2013/05/25 11:14:55 | 000,493,056 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\msfeeds.dll
[2013/05/25 11:14:55 | 000,452,096 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\dxtmsft.dll
[2013/05/25 11:14:55 | 000,441,856 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\html.iec
[2013/05/25 11:14:55 | 000,391,168 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\ieui.dll
[2013/05/25 11:14:55 | 000,361,984 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\html.iec
[2013/05/25 11:14:55 | 000,357,888 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\dxtmsft.dll
[2013/05/25 11:14:55 | 000,281,600 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\dxtrans.dll
[2013/05/25 11:14:55 | 000,235,008 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\url.dll
[2013/05/25 11:14:55 | 000,232,960 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\url.dll
[2013/05/25 11:14:55 | 000,226,816 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\dxtrans.dll
[2013/05/25 11:14:55 | 000,226,304 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\elshyph.dll
[2013/05/25 11:14:55 | 000,216,064 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\msls31.dll
[2013/05/25 11:14:55 | 000,197,120 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\msrating.dll
[2013/05/25 11:14:55 | 000,185,344 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\elshyph.dll
[2013/05/25 11:14:55 | 000,173,568 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\ieUnatt.exe
[2013/05/25 11:14:55 | 000,167,424 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\iexpress.exe
[2013/05/25 11:14:55 | 000,163,840 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\msrating.dll
[2013/05/25 11:14:55 | 000,158,720 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\msls31.dll
[2013/05/25 11:14:55 | 000,150,528 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\iexpress.exe
[2013/05/25 11:14:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\occache.dll
[2013/05/25 11:14:55 | 000,144,896 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\wextract.exe
[2013/05/25 11:14:55 | 000,138,752 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\wextract.exe
[2013/05/25 11:14:55 | 000,137,216 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\ieUnatt.exe
[2013/05/25 11:14:55 | 000,136,704 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\iesysprep.dll
[2013/05/25 11:14:55 | 000,136,192 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\iepeers.dll
[2013/05/25 11:14:55 | 000,135,680 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\IEAdvpack.dll
[2013/05/25 11:14:55 | 000,125,440 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\occache.dll
[2013/05/25 11:14:55 | 000,117,248 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\iepeers.dll
[2013/05/25 11:14:55 | 000,110,592 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\IEAdvpack.dll
[2013/05/25 11:14:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\iesysprep.dll
[2013/05/25 11:14:55 | 000,102,912 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\inseng.dll
[2013/05/25 11:14:55 | 000,097,280 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\mshtmled.dll
[2013/05/25 11:14:55 | 000,092,160 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\SetIEInstalledDate.exe
[2013/05/25 11:14:55 | 000,089,600 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\RegisterIEPKEYs.exe
[2013/05/25 11:14:55 | 000,082,432 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\inseng.dll
[2013/05/25 11:14:55 | 000,081,408 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\icardie.dll
[2013/05/25 11:14:55 | 000,079,872 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\mshtmled.dll
[2013/05/25 11:14:55 | 000,077,312 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\tdc.ocx
[2013/05/25 11:14:55 | 000,073,728 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\SetIEInstalledDate.exe
[2013/05/25 11:14:55 | 000,071,680 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/05/25 11:14:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\icardie.dll
[2013/05/25 11:14:55 | 000,067,072 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\iesetup.dll
[2013/05/25 11:14:55 | 000,062,976 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\pngfilt.dll
[2013/05/25 11:14:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\tdc.ocx
[2013/05/25 11:14:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\iesetup.dll
[2013/05/25 11:14:55 | 000,057,344 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\pngfilt.dll
[2013/05/25 11:14:55 | 000,051,712 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\ie4uinit.exe
[2013/05/25 11:14:55 | 000,051,200 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\imgutil.dll
[2013/05/25 11:14:55 | 000,048,640 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\mshtmler.dll
[2013/05/25 11:14:55 | 000,048,640 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\mshtmler.dll
[2013/05/25 11:14:55 | 000,039,936 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\iernonce.dll
[2013/05/25 11:14:55 | 000,038,400 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\imgutil.dll
[2013/05/25 11:14:55 | 000,033,280 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\iernonce.dll
[2013/05/25 11:14:55 | 000,027,648 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\licmgr10.dll
[2013/05/25 11:14:55 | 000,023,040 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\licmgr10.dll
[2013/05/25 11:14:55 | 000,013,824 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\mshta.exe
[2013/05/25 11:14:55 | 000,012,800 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\msfeedssync.exe
[2013/05/25 11:14:55 | 000,011,776 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\msfeedssync.exe
[2013/05/25 11:05:18 | 003,928,064 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\d2d1.dll
[2013/05/25 11:05:18 | 003,419,136 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\d2d1.dll
[2013/05/25 11:05:18 | 002,776,576 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\msmpeg2vdec.dll
[2013/05/25 11:05:18 | 002,565,120 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\d3d10warp.dll
[2013/05/25 11:05:18 | 002,284,544 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\msmpeg2vdec.dll
[2013/05/25 11:05:18 | 001,988,096 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\d3d10warp.dll
[2013/05/25 11:05:18 | 001,887,232 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\d3d11.dll
[2013/05/25 11:05:18 | 001,682,432 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\XpsPrint.dll
[2013/05/25 11:05:18 | 001,643,520 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\DWrite.dll
[2013/05/25 11:05:18 | 001,504,768 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\d3d11.dll
[2013/05/25 11:05:18 | 001,424,384 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\WindowsCodecs.dll
[2013/05/25 11:05:18 | 001,247,744 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\DWrite.dll
[2013/05/25 11:05:18 | 001,238,528 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\d3d10.dll
[2013/05/25 11:05:18 | 001,158,144 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\XpsPrint.dll
[2013/05/25 11:05:18 | 001,080,832 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\d3d10.dll
[2013/05/25 11:05:18 | 000,648,192 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\d3d10level9.dll
[2013/05/25 11:05:18 | 000,604,160 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\d3d10level9.dll
[2013/05/25 11:05:18 | 000,522,752 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\XpsGdiConverter.dll
[2013/05/25 11:05:18 | 000,465,920 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\WMPhoto.dll
[2013/05/25 11:05:18 | 000,417,792 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\WMPhoto.dll
[2013/05/25 11:05:18 | 000,364,544 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\XpsGdiConverter.dll
[2013/05/25 11:05:18 | 000,363,008 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\dxgi.dll
[2013/05/25 11:05:18 | 000,333,312 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\d3d10_1core.dll
[2013/05/25 11:05:18 | 000,296,960 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\d3d10core.dll
[2013/05/25 11:05:18 | 000,293,376 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\dxgi.dll
[2013/05/25 11:05:18 | 000,249,856 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\d3d10_1core.dll
[2013/05/25 11:05:18 | 000,245,248 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\WindowsCodecsExt.dll
[2013/05/25 11:05:18 | 000,221,184 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\UIAnimation.dll
[2013/05/25 11:05:18 | 000,220,160 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\d3d10core.dll
[2013/05/25 11:05:18 | 000,207,872 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\WindowsCodecsExt.dll
[2013/05/25 11:05:18 | 000,194,560 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\d3d10_1.dll
[2013/05/25 11:05:18 | 000,187,392 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\UIAnimation.dll
[2013/05/25 11:05:18 | 000,161,792 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\d3d10_1.dll
[2013/05/25 11:05:18 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/25 11:05:18 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/25 11:05:18 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/25 11:05:18 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/25 11:05:18 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/25 11:05:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/25 11:05:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/25 11:05:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/25 11:05:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/25 11:05:18 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
========== Files - Modified Within 30 Days ==========
[2013/06/20 05:44:58 | 000,067,584 | ---- | M] () -- E:\windows\bootstat.dat
[2013/06/19 12:13:13 | 000,000,004 | ---- | M] () -- E:\Users\lindenau\AppData\Roaming\skype.ini
[2013/06/19 12:13:11 | 000,000,813 | ---- | M] () -- E:\ProgramData\profile.xml
[2013/06/19 12:12:52 | 000,001,110 | ---- | M] () -- E:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/19 12:12:20 | 3010,797,568 | -HS- | M] () -- E:\hiberfil.sys
[2013/06/19 01:51:12 | 000,013,632 | -H-- | M] () -- E:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/19 01:51:12 | 000,013,632 | -H-- | M] () -- E:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/19 01:22:03 | 000,000,884 | ---- | M] () -- E:\windows\tasks\Adobe Flash Player Updater.job
[2013/06/19 01:04:01 | 000,001,114 | ---- | M] () -- E:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/17 13:09:37 | 000,007,883 | ---- | M] () -- E:\Users\lindenau\Desktop\Klasse1a_Juni2013.pdf
[2013/06/12 14:22:53 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- E:\windows\SysWow64\FlashPlayerApp.exe
[2013/06/12 14:22:53 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- E:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/06/11 07:16:32 | 000,654,400 | ---- | M] () -- E:\windows\System32\perfh007.dat
[2013/06/11 07:16:32 | 000,616,242 | ---- | M] () -- E:\windows\System32\perfh009.dat
[2013/06/11 07:16:32 | 000,130,240 | ---- | M] () -- E:\windows\System32\perfc007.dat
[2013/06/11 07:16:32 | 000,106,622 | ---- | M] () -- E:\windows\System32\perfc009.dat
[2013/06/09 13:47:40 | 000,025,205 | ---- | M] () -- E:\Users\lindenau\Desktop\Klassenausflug.pdf
[2013/06/04 11:47:51 | 000,034,923 | ---- | M] () -- E:\Users\lindenau\Desktop\Familie Lindenau.pdf
[2013/06/01 11:00:13 | 000,001,331 | ---- | M] () -- E:\Users\lindenau\Desktop\Aimersoft DRM Media Converter.lnk
[2013/06/01 11:00:13 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aimersoft
[2013/06/01 10:38:15 | 000,001,342 | ---- | M] () -- E:\Users\lindenau\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Easy Audio Cutter.lnk
[2013/06/01 10:38:15 | 000,001,326 | ---- | M] () -- E:\Users\lindenau\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free CD Ripper.lnk
[2013/06/01 10:38:15 | 000,001,324 | ---- | M] () -- E:\Users\lindenau\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Mp3 Wma Converter.lnk
[2013/06/01 10:38:15 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
[2013/06/01 10:37:08 | 000,000,620 | ---- | M] () -- E:\windows\SysWow64\InstallUtil.InstallLog
[2013/06/01 10:36:38 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
[2013/05/28 09:05:16 | 000,163,328 | ---- | M] (Adobe Systems Incorporated) -- E:\windows\SysWow64\FlashPlayerUpdateService.exe
[2013/05/25 15:42:05 | 000,001,137 | ---- | M] () -- E:\Users\lindenau\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2013/05/25 12:00:00 | 000,428,800 | ---- | M] () -- E:\windows\System32\FNTCACHE.DAT
[2013/05/25 11:14:55 | 003,958,784 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\jscript9.dll
[2013/05/25 11:14:55 | 002,877,440 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\jscript9.dll
[2013/05/25 11:14:55 | 001,509,376 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\inetcpl.cpl
[2013/05/25 11:14:55 | 001,441,280 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\inetcpl.cpl
[2013/05/25 11:14:55 | 001,400,416 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\ieapfltr.dat
[2013/05/25 11:14:55 | 001,400,416 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\ieapfltr.dat
[2013/05/25 11:14:55 | 001,054,720 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\MsSpellCheckingFacility.exe
[2013/05/25 11:14:55 | 000,905,728 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\mshtmlmedia.dll
[2013/05/25 11:14:55 | 000,855,552 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\jscript.dll
[2013/05/25 11:14:55 | 000,762,368 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\ieapfltr.dll
[2013/05/25 11:14:55 | 000,719,360 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\mshtmlmedia.dll
[2013/05/25 11:14:55 | 000,690,688 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\jscript.dll
[2013/05/25 11:14:55 | 000,629,248 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\ieapfltr.dll
[2013/05/25 11:14:55 | 000,603,136 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\msfeeds.dll
[2013/05/25 11:14:55 | 000,599,552 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\vbscript.dll
[2013/05/25 11:14:55 | 000,526,336 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\ieui.dll
[2013/05/25 11:14:55 | 000,493,056 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\msfeeds.dll
[2013/05/25 11:14:55 | 000,452,096 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\dxtmsft.dll
[2013/05/25 11:14:55 | 000,441,856 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\html.iec
[2013/05/25 11:14:55 | 000,391,168 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\ieui.dll
[2013/05/25 11:14:55 | 000,361,984 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\html.iec
[2013/05/25 11:14:55 | 000,357,888 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\dxtmsft.dll
[2013/05/25 11:14:55 | 000,281,600 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\dxtrans.dll
[2013/05/25 11:14:55 | 000,235,008 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\url.dll
[2013/05/25 11:14:55 | 000,232,960 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\url.dll
[2013/05/25 11:14:55 | 000,226,816 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\dxtrans.dll
[2013/05/25 11:14:55 | 000,226,304 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\elshyph.dll
[2013/05/25 11:14:55 | 000,216,064 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\msls31.dll
[2013/05/25 11:14:55 | 000,197,120 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\msrating.dll
[2013/05/25 11:14:55 | 000,185,344 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\elshyph.dll
[2013/05/25 11:14:55 | 000,173,568 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\ieUnatt.exe
[2013/05/25 11:14:55 | 000,167,424 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\iexpress.exe
[2013/05/25 11:14:55 | 000,163,840 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\msrating.dll
[2013/05/25 11:14:55 | 000,158,720 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\msls31.dll
[2013/05/25 11:14:55 | 000,150,528 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\iexpress.exe
[2013/05/25 11:14:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\occache.dll
[2013/05/25 11:14:55 | 000,144,896 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\wextract.exe
[2013/05/25 11:14:55 | 000,138,752 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\wextract.exe
[2013/05/25 11:14:55 | 000,137,216 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\ieUnatt.exe
[2013/05/25 11:14:55 | 000,136,704 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\iesysprep.dll
[2013/05/25 11:14:55 | 000,136,192 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\iepeers.dll
[2013/05/25 11:14:55 | 000,135,680 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\IEAdvpack.dll
[2013/05/25 11:14:55 | 000,125,440 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\occache.dll
[2013/05/25 11:14:55 | 000,117,248 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\iepeers.dll
[2013/05/25 11:14:55 | 000,110,592 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\IEAdvpack.dll
[2013/05/25 11:14:55 | 000,109,056 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\iesysprep.dll
[2013/05/25 11:14:55 | 000,102,912 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\inseng.dll
[2013/05/25 11:14:55 | 000,097,280 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\mshtmled.dll
[2013/05/25 11:14:55 | 000,092,160 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\SetIEInstalledDate.exe
[2013/05/25 11:14:55 | 000,089,600 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\RegisterIEPKEYs.exe
[2013/05/25 11:14:55 | 000,082,432 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\inseng.dll
[2013/05/25 11:14:55 | 000,081,408 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\icardie.dll
[2013/05/25 11:14:55 | 000,079,872 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\mshtmled.dll
[2013/05/25 11:14:55 | 000,077,312 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\tdc.ocx
[2013/05/25 11:14:55 | 000,073,728 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\SetIEInstalledDate.exe
[2013/05/25 11:14:55 | 000,071,680 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/05/25 11:14:55 | 000,069,120 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\icardie.dll
[2013/05/25 11:14:55 | 000,067,072 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\iesetup.dll
[2013/05/25 11:14:55 | 000,062,976 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\pngfilt.dll
[2013/05/25 11:14:55 | 000,061,952 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\tdc.ocx
[2013/05/25 11:14:55 | 000,061,440 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\iesetup.dll
[2013/05/25 11:14:55 | 000,057,344 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\pngfilt.dll
[2013/05/25 11:14:55 | 000,051,712 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\ie4uinit.exe
[2013/05/25 11:14:55 | 000,051,200 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\imgutil.dll
[2013/05/25 11:14:55 | 000,048,640 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\mshtmler.dll
[2013/05/25 11:14:55 | 000,048,640 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\mshtmler.dll
[2013/05/25 11:14:55 | 000,039,936 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\iernonce.dll
[2013/05/25 11:14:55 | 000,038,400 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\imgutil.dll
[2013/05/25 11:14:55 | 000,033,280 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\iernonce.dll
[2013/05/25 11:14:55 | 000,027,648 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\licmgr10.dll
[2013/05/25 11:14:55 | 000,025,185 | ---- | M] () -- E:\windows\SysWow64\ieuinit.inf
[2013/05/25 11:14:55 | 000,025,185 | ---- | M] () -- E:\windows\System32\ieuinit.inf
[2013/05/25 11:14:55 | 000,023,040 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\licmgr10.dll
[2013/05/25 11:14:55 | 000,013,824 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\mshta.exe
[2013/05/25 11:14:55 | 000,012,800 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\msfeedssync.exe
[2013/05/25 11:14:55 | 000,011,776 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\msfeedssync.exe
[2013/05/25 11:05:18 | 003,928,064 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\d2d1.dll
[2013/05/25 11:05:18 | 003,419,136 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\d2d1.dll
[2013/05/25 11:05:18 | 002,776,576 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\msmpeg2vdec.dll
[2013/05/25 11:05:18 | 002,565,120 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\d3d10warp.dll
[2013/05/25 11:05:18 | 002,284,544 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\msmpeg2vdec.dll
[2013/05/25 11:05:18 | 001,988,096 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\d3d10warp.dll
[2013/05/25 11:05:18 | 001,887,232 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\d3d11.dll
[2013/05/25 11:05:18 | 001,682,432 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\XpsPrint.dll
[2013/05/25 11:05:18 | 001,643,520 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\DWrite.dll
[2013/05/25 11:05:18 | 001,504,768 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\d3d11.dll
[2013/05/25 11:05:18 | 001,424,384 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\WindowsCodecs.dll
[2013/05/25 11:05:18 | 001,247,744 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\DWrite.dll
[2013/05/25 11:05:18 | 001,238,528 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\d3d10.dll
[2013/05/25 11:05:18 | 001,158,144 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\XpsPrint.dll
[2013/05/25 11:05:18 | 001,080,832 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\d3d10.dll
[2013/05/25 11:05:18 | 000,648,192 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\d3d10level9.dll
[2013/05/25 11:05:18 | 000,604,160 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\d3d10level9.dll
[2013/05/25 11:05:18 | 000,522,752 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\XpsGdiConverter.dll
[2013/05/25 11:05:18 | 000,465,920 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\WMPhoto.dll
[2013/05/25 11:05:18 | 000,417,792 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\WMPhoto.dll
[2013/05/25 11:05:18 | 000,364,544 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\XpsGdiConverter.dll
[2013/05/25 11:05:18 | 000,363,008 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\dxgi.dll
[2013/05/25 11:05:18 | 000,333,312 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\d3d10_1core.dll
[2013/05/25 11:05:18 | 000,296,960 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\d3d10core.dll
[2013/05/25 11:05:18 | 000,293,376 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\dxgi.dll
[2013/05/25 11:05:18 | 000,249,856 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\d3d10_1core.dll
[2013/05/25 11:05:18 | 000,245,248 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\WindowsCodecsExt.dll
[2013/05/25 11:05:18 | 000,221,184 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\UIAnimation.dll
[2013/05/25 11:05:18 | 000,220,160 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\d3d10core.dll
[2013/05/25 11:05:18 | 000,207,872 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\WindowsCodecsExt.dll
[2013/05/25 11:05:18 | 000,194,560 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\d3d10_1.dll
[2013/05/25 11:05:18 | 000,187,392 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\UIAnimation.dll
[2013/05/25 11:05:18 | 000,161,792 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\d3d10_1.dll
[2013/05/25 11:05:18 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/25 11:05:18 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/25 11:05:18 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/25 11:05:18 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/25 11:05:18 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/25 11:05:18 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/25 11:05:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/25 11:05:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/25 11:05:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/25 11:05:18 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- E:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/25 11:05:18 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- E:\windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/24 01:18:30 | 000,417,121 | ---- | M] () -- E:\Users\lindenau\Desktop\gutschein_24052013-071021.pdf
========== Files Created - No Company Name ==========
[2013/06/19 01:22:01 | 000,000,004 | ---- | C] () -- E:\Users\lindenau\AppData\Roaming\skype.ini
[2013/06/17 13:09:35 | 000,007,883 | ---- | C] () -- E:\Users\lindenau\Desktop\Klasse1a_Juni2013.pdf
[2013/06/09 13:47:35 | 000,025,205 | ---- | C] () -- E:\Users\lindenau\Desktop\Klassenausflug.pdf
[2013/06/04 11:47:49 | 000,034,923 | ---- | C] () -- E:\Users\lindenau\Desktop\Familie Lindenau.pdf
[2013/06/01 11:00:13 | 000,001,331 | ---- | C] () -- E:\Users\lindenau\Desktop\Aimersoft DRM Media Converter.lnk
[2013/06/01 11:00:08 | 000,496,640 | ---- | C] () -- E:\windows\SysWow64\xvid.ax
[2013/06/01 11:00:07 | 000,675,840 | ---- | C] () -- E:\windows\SysWow64\ac3filter.ax
[2013/06/01 11:00:06 | 000,153,600 | ---- | C] () -- E:\windows\SysWow64\WS_ATLMovie.dll
[2013/06/01 10:38:15 | 000,001,342 | ---- | C] () -- E:\Users\lindenau\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Easy Audio Cutter.lnk
[2013/06/01 10:38:15 | 000,001,326 | ---- | C] () -- E:\Users\lindenau\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free CD Ripper.lnk
[2013/06/01 10:38:15 | 000,001,324 | ---- | C] () -- E:\Users\lindenau\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Mp3 Wma Converter.lnk
[2013/06/01 10:38:12 | 000,116,296 | ---- | C] () -- E:\windows\SysWow64\NCTWMAProfiles.prx
[2013/06/01 10:38:10 | 000,484,352 | ---- | C] () -- E:\windows\SysWow64\lame_enc.dll
[2013/06/01 10:36:51 | 000,000,620 | ---- | C] () -- E:\windows\SysWow64\InstallUtil.InstallLog
[2013/05/25 11:14:55 | 000,025,185 | ---- | C] () -- E:\windows\SysWow64\ieuinit.inf
[2013/05/25 11:14:55 | 000,025,185 | ---- | C] () -- E:\windows\System32\ieuinit.inf
[2013/05/24 01:18:30 | 000,417,121 | ---- | C] () -- E:\Users\lindenau\Desktop\gutschein_24052013-071021.pdf
[2012/12/30 14:44:14 | 000,007,606 | ---- | C] () -- E:\Users\lindenau\AppData\Local\Resmon.ResmonCfg
[2012/12/29 07:19:56 | 000,000,622 | ---- | C] () -- E:\windows\wiso.ini
[2012/01/13 05:37:47 | 000,106,496 | ---- | C] () -- E:\Users\lindenau\AppData\Roaming\skype.dat
[2011/09/13 07:39:18 | 000,001,127 | ---- | C] () -- E:\windows\disney.ini
[2011/09/06 12:22:19 | 000,000,068 | ---- | C] () -- E:\windows\spwdrg.INI
[2011/09/06 12:22:07 | 000,000,077 | ---- | C] () -- E:\windows\Crypkey.ini
[2011/09/06 12:22:04 | 000,027,648 | R--- | C] () -- E:\windows\Setup_ck.exe
[2011/09/06 12:22:04 | 000,018,432 | ---- | C] () -- E:\windows\Setup_ck.dll
[2011/09/06 12:22:04 | 000,011,776 | ---- | C] () -- E:\windows\Ckrfresh.exe
[2011/09/06 12:22:01 | 000,178,176 | ---- | C] () -- E:\windows\SysWow64\StellarProfile.dll
[2011/07/03 12:37:45 | 000,252,928 | ---- | C] () -- E:\windows\SysWow64\DShowRdpFilter.dll
[2011/02/27 13:16:22 | 000,028,672 | ---- | C] () -- E:\windows\SysWow64\InsDrvZD.dll
[2011/02/27 13:16:22 | 000,024,576 | ---- | C] () -- E:\windows\SysWow64\ZyDelReg.exe
[2011/02/27 13:16:22 | 000,015,872 | ---- | C] () -- E:\windows\SysWow64\InsDrvZD64.DLL
[2011/02/27 13:16:21 | 000,001,162 | ---- | C] () -- E:\windows\SysWow64\W32N55.INI
[2011/01/19 03:53:15 | 000,000,813 | ---- | C] () -- E:\ProgramData\profile.xml
[2011/01/19 03:48:28 | 000,016,648 | R--- | C] () -- E:\windows\SysWow64\LogAPI.dll
[2010/08/25 14:34:30 | 000,127,868 | ---- | C] () -- E:\windows\SysWow64\igcompkrng575.bin
[2010/08/25 14:34:30 | 000,104,796 | ---- | C] () -- E:\windows\SysWow64\igfcg575m.bin
[2010/05/27 03:55:42 | 000,870,560 | ---- | C] () -- E:\windows\SysWow64\igkrng575.bin
[2010/05/27 03:55:42 | 000,208,896 | ---- | C] () -- E:\windows\SysWow64\iglhsip32.dll
[2010/05/27 03:55:42 | 000,143,360 | ---- | C] () -- E:\windows\SysWow64\iglhcp32.dll
[2010/05/19 08:02:39 | 000,001,341 | ---- | C] () -- E:\windows\vm332Rmv.ini
[2009/07/14 01:38:36 | 000,067,584 | ---- | C] () -- E:\windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- E:\windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- E:\windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- E:\windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- E:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- E:\windows\SysWow64\ir32_32.dll
[2009/07/13 17:59:36 | 000,982,196 | ---- | C] () -- E:\windows\SysWow64\igkrng500.bin
[2009/07/13 17:59:36 | 000,139,824 | ---- | C] () -- E:\windows\SysWow64\igfcg500.bin
[2009/07/13 17:59:36 | 000,097,448 | ---- | C] () -- E:\windows\SysWow64\igfcg500m.bin
[2009/07/13 17:59:35 | 000,417,344 | ---- | C] () -- E:\windows\SysWow64\igcompkrng500.bin
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- E:\windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- E:\windows\SysWow64\mlang.dat
========== LOP Check ==========
[2013/03/02 09:43:28 | 000,000,000 | ---D | M] -- E:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2010/12/24 20:34:22 | 000,000,000 | -HSD | M] -- E:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data
[2013/02/08 13:07:48 | 000,000,000 | ---D | M] -- E:\ProgramData\Ask
[2013/06/01 10:33:13 | 000,000,000 | ---D | M] -- E:\ProgramData\Babylon
[2013/06/19 01:25:11 | 000,000,000 | ---D | M] -- E:\ProgramData\BrowserProtect
[2013/01/05 04:04:36 | 000,000,000 | ---D | M] -- E:\ProgramData\Buhl Data Service GmbH
[2011/02/11 13:14:33 | 000,000,000 | ---D | M] -- E:\ProgramData\DAEMON Tools Lite
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents
[2010/12/24 20:34:22 | 000,000,000 | -HSD | M] -- E:\ProgramData\Dokumente
[2010/08/26 23:04:47 | 000,000,000 | ---D | M] -- E:\ProgramData\EgisTec
[2010/08/26 23:08:24 | 000,000,000 | ---D | M] -- E:\ProgramData\EgisTec IPS
[2010/12/24 20:34:22 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites
[2013/06/01 10:37:10 | 000,000,000 | ---D | M] -- E:\ProgramData\Iminent
[2013/02/08 13:17:20 | 000,000,000 | ---D | M] -- E:\ProgramData\LinguAdapt
[2011/01/19 05:30:54 | 000,000,000 | ---D | M] -- E:\ProgramData\OneKey Recovery
[2012/12/10 14:23:36 | 000,000,000 | ---D | M] -- E:\ProgramData\Port Locker
[2012/12/27 03:43:07 | 000,000,000 | ---D | M] -- E:\ProgramData\RavensburgerTipToi
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu
[2010/12/24 20:34:22 | 000,000,000 | -HSD | M] -- E:\ProgramData\Startmenü
[2011/09/09 03:33:08 | 000,000,000 | ---D | M] -- E:\ProgramData\Temp
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates
[2011/11/13 13:40:07 | 000,000,000 | ---D | M] -- E:\ProgramData\TomTom
[2010/12/24 20:34:22 | 000,000,000 | -HSD | M] -- E:\ProgramData\Vorlagen
[2012/09/23 13:45:26 | 000,032,632 | ---- | M] () -- E:\windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 893 bytes -> E:\Users\lindenau\Documents\Lieferung und Montage tor und Türen.eml:OECustomProperty
@Alternate Data Stream - 147 bytes -> E:\ProgramData\Temp:A8665DF4
@Alternate Data Stream - 133 bytes -> E:\ProgramData\Temp:7631EA83
< End of report >
|
|
19.06.2013, 21:15
| #2 |
| /// the machine /// TB-Ausbilder    | BKA-Trojaner Win 7 Lenovo-Notebook Hi,
__________________poste das Log einfach in den Thread 
__________________ |
|
19.06.2013, 21:20
| #3 |
| | BKA-Trojaner Win 7 Lenovo-Notebook Hi,
__________________danke steht jetzt oben im ersten Eintrag Gruß Sven |
|
20.06.2013, 08:22
| #4 |
| /// the machine /// TB-Ausbilder | BKA-Trojaner Win 7 Lenovo-NotebookFixen mit OTL
Code:
ATTFilter :OTL
O20 - HKU\lindenau_ON_E Winlogon: Shell - (C:\Users\lindenau\AppData\Roaming\skype.dat) - E:\Users\lindenau\AppData\Roaming\skype.dat ()
[2013/06/19 12:13:13 | 000,000,004 | ---- | M] () -- E:\Users\lindenau\AppData\Roaming\skype.ini
:files
C:\Users\lindenau\AppData\Roaming\skype.dat
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.06.2013, 19:13
| #5 |
| | BKA-Trojaner Win 7 Lenovo-Notebook Hallo Schrauber, habe das Fix eingetragen und Run Fis gestartet. Das Programm war sehr schnell durch. Es wurde dann eine txt-Datei geöffnet, welche ich nur mit Mühe speichern konnte Neustart hat das Programm nicht gefordert. Ich habe dann einen Neustart durchgeführt. War das falsch??? Die CD-Klappe sprang auf. Ich habe den Rechner dann ohne Boot-CD gestartet. Es kam dann die Windows-Starthilfe. Windwos normal starten geht nicht ich bekomme einen Bluescreen (blitzt kurz auf) und dann lande ich wieder in der Starthilfe. Habe den Rechner jetzt wieder mit der Boot-CD gestartet. Auf dem Desktop ist kein _OTL-Ordner zu finden, aber im angegebenen Verzeichnis Hier der gewünschte Code: ========== OTL ========== Registry value HKEY_USERS\lindenau_ON_E\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\lindenau\AppData\Roaming\skype.dat deleted successfully. E:\Users\lindenau\AppData\Roaming\skype.dat moved successfully. E:\Users\lindenau\AppData\Roaming\skype.ini moved successfully. ========== FILES ========== File\Folder C:\Users\lindenau\AppData\Roaming\skype.dat not found. OTLPE by OldTimer - Version 3.1.48.0 log created on 06212013_015724 Vielen Dank für deine Hilfe Gruß Sven P.S: Kann es sein, dass das Reatogo Probleme mit größern USB-Sticks bzw. USB-Festplatten hat? Ich habe es gerade noch geschafft einen alten 1GB-Stick ans laufen zu kriegen. Hast du da vielleicht auch noch einen Tipp, damit ich evtl. paralell Fotos etc. sichern kann Danke |
|
21.06.2013, 07:36
| #6 |
| /// the machine /// TB-Ausbilder | BKA-Trojaner Win 7 Lenovo-Notebook Was für einen Bluescreen. Lass OTL mal weg und mach bitte folgendes: Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8) Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)
__________________ --> BKA-Trojaner Win 7 Lenovo-Notebook |
|
21.06.2013, 13:47
| #7 |
| | BKA-Trojaner Win 7 Lenovo-Notebook Hallo, hier die Auswertung des Scans: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2013 01
Ran by SYSTEM on 21-06-2013 22:43:59
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup [17412200 2010-04-06] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10821224 2010-06-02] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe [2598280 2010-03-28] (ELAN Microelectronics Corp.)
HKLM\...\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056800 2010-03-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [111640 2009-09-30] ()
HKLM-x32\...\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [536576 2010-01-18] (Vimicro)
HKLM-x32\...\Run: [VitaKeyTSR] "C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe" [376176 2010-05-27] (Egis Technology Inc. )
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35184 2008-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s [171104 2010-03-02] (CyberLink Corp.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [407920 2010-03-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [201584 2010-03-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [364400 2010-05-19] (Egis Technology Inc. )
HKLM-x32\...\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [1644680 2013-01-28] (Ask)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" [1074736 2013-05-21] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-05-21] (Iminent)
HKU\Default\...\RunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage [786760 2009-07-26] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage [786760 2009-07-26] (Microsoft Corporation)
HKU\lindenau\...\Run: [ReadyComm5] C:\Program Files (x86)\Lenovo\ReadyComm\ReadyComm.exe -TrayMode [1501000 2009-09-22] (Lenovo Group Limited)
HKU\lindenau\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [1305408 2011-01-05] (DT Soft Ltd)
HKU\lindenau\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-02-01] (Google Inc.)
HKU\lindenau\...\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [248208 2013-03-21] (TomTom)
HKU\lindenau\...\Run: [AVMUSBFernanschluss] "C:\Users\lindenau\AppData\Local\Apps\2.0\T7PAYA51.71K\G6QK145W.V4P\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe" [139264 2012-12-25] (AVM Berlin)
HKU\lindenau\...\Run: [{890DCACB-E4ED-AD7F-60A3-E4DC5E20C7C1}] C:\Users\lindenau\AppData\Roaming\Ajevvi\luxe.exe [225280 2010-12-26] (Madison Media Software, Inc.)
HKU\lindenau\...\Run: [Luxe] C:\Users\lindenau\AppData\Roaming\Ajevvi\luxe.exe [225280 2010-12-26] (Madison Media Software, Inc.)
HKU\lindenau\...\Winlogon: [Shell] explorer.exe, <==== ATTENTION
HKU\UpdatusUser\...\Run: [FactoryTest] C:\Windows\Test.bat [x]
HKU\UpdatusUser\...\Run: [Power2GoExpress] "C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe" /Startup [2532648 2009-07-13] (Cyberlink)
AppInit_DLLs: C:\windows\system32\nvinitx.dll [95848 2010-04-07] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll c:\windows\syswow64\nvinit.dll [89704 2010-04-07] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter EgisPLPwdFilter
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe ()
Startup: C:\Users\lindenau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Services (Whitelisted) =================
S2 BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [3085264 2013-06-03] ()
S2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [903456 2010-04-20] (Broadcom Corporation.)
S2 EgisTec Data Security Service; C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe [314736 2010-05-27] (Egis Technology Inc. )
S2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [322416 2010-05-19] (Egis Technology Inc. )
S2 IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files (x86)\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files (x86)\Lenovo\ReadyComm\ConnSvc.exe [579400 2009-09-22] (Lenovo Group Limited)
S3 PS_MDP; C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-15] (Lenovo Group Limited)
S2 ReadyComm.DirectRouter; C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
S2 RtLedService; C:\Program Files\Realtek\RtLED\RtLEDService.exe [311296 2010-02-05] (Realtek Semiconductor Corp.)
S2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2839592 2013-05-21] (Iminent)
S2 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [31744 2013-04-12] ()
S2 Crypkey License; crypserv.exe [x]
==================== Drivers (Whitelisted) ====================
S3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116480 2012-12-25] (AVM Berlin)
S3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-25] (AVM Berlin)
S3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [79376 2009-07-15] (Lenovo)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-01-26] (DT Soft Ltd)
S1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-01-26] (Duplex Secure Ltd.)
S3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [11280 2009-07-16] (Lenovo)
S3 XG762_VS; C:\Windows\System32\DRIVERS\WlanGZG.sys [1041920 2011-03-20] (Atheros Communications, Inc.)
S3 ZY760_64; C:\Windows\System32\DRIVERS\WlanUZ64.SYS [493696 2006-06-02] (ZyDAS Technology Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-21 22:43 - 2013-06-21 22:43 - 00000000 ____D C:\FRST
2013-06-19 19:50 - 2013-06-19 19:50 - 00000000 ____D C:\_OTL
2013-06-19 19:00 - 2013-06-19 22:59 - 00189058 ____A C:\OTL.Txt
2013-06-19 19:00 - 2013-06-19 19:00 - 00023556 ____A C:\Extras.Txt
2013-06-16 00:58 - 2013-06-16 00:58 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\File Scout
2013-06-16 00:58 - 2013-05-28 05:05 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
2013-06-14 22:51 - 2013-06-14 23:06 - 165472394 ____A C:\Users\lindenau\Downloads\Krimis_fuer_Kids.zip
2013-06-01 07:06 - 2013-06-01 07:08 - 00000000 ____D C:\Users\lindenau\Documents\Aimersoft DRM Media Converter
2013-06-01 07:04 - 2010-12-24 05:27 - 00029288 ____A (Wondershare) C:\Windows\System32\Drivers\WsAudio_DeviceS(5).sys
2013-06-01 07:03 - 2010-12-24 05:27 - 00029288 ____A (Wondershare) C:\Windows\System32\Drivers\WsAudio_DeviceS(4).sys
2013-06-01 07:02 - 2010-12-24 05:27 - 00029288 ____A (Wondershare) C:\Windows\System32\Drivers\WsAudio_DeviceS(3).sys
2013-06-01 07:01 - 2010-12-24 05:27 - 00029288 ____A (Wondershare) C:\Windows\System32\Drivers\WsAudio_DeviceS(2).sys
2013-06-01 07:00 - 2013-06-01 07:00 - 00001331 ____A C:\Users\lindenau\Desktop\Aimersoft DRM Media Converter.lnk
2013-06-01 07:00 - 2013-06-01 07:00 - 00000000 ____D C:\Program Files (x86)\Aimersoft
2013-06-01 07:00 - 2011-01-15 04:08 - 00153600 ____A C:\Windows\SysWOW64\WS_ATLMovie.dll
2013-06-01 07:00 - 2010-12-24 05:27 - 00892928 ____A (Free Software Foundation) C:\Windows\SysWOW64\iconv.dll
2013-06-01 07:00 - 2010-12-24 05:27 - 00675840 ____A () C:\Windows\SysWOW64\ac3filter.ax
2013-06-01 07:00 - 2010-12-24 05:27 - 00496640 ____A C:\Windows\SysWOW64\xvid.ax
2013-06-01 07:00 - 2010-12-24 05:27 - 00029288 ____A (Wondershare) C:\Windows\System32\Drivers\WsAudio_DeviceS(1).sys
2013-06-01 06:57 - 2013-06-01 06:59 - 12413240 ____A (Aimersoft Software ) C:\Users\lindenau\Downloads\almedia-converter_full351_573601.exe
2013-06-01 06:38 - 2013-06-01 06:38 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\FreeAudioPack
2013-06-01 06:38 - 2013-06-01 06:38 - 00000000 ____D C:\Program Files (x86)\Free mp3 Wma Converter
2013-06-01 06:38 - 2011-09-29 04:20 - 02084864 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudDesign.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 01986560 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudFile.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 01212416 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudioInfos.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00484352 ____A C:\Windows\SysWOW64\lame_enc.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00479232 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudioVisu.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00458752 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudPlayer.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00454656 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudioRecord.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00417792 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudDisplay.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00348160 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\WMAFile.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00307200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00164144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMCT232.OCX
2013-06-01 06:38 - 2011-09-29 04:20 - 00116296 ____A C:\Windows\SysWOW64\NCTWMAProfiles.prx
2013-06-01 06:38 - 2011-09-29 04:19 - 00224016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TABCTL32.OCX
2013-06-01 06:38 - 2011-09-29 04:19 - 00152848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.OCX
2013-06-01 06:38 - 2011-09-29 04:19 - 00141312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCFR.DLL
2013-06-01 06:38 - 2011-09-29 04:19 - 00119568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB6FR.DLL
2013-06-01 06:38 - 2011-09-29 04:19 - 00115920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msinet.OCX
2013-06-01 06:38 - 2011-09-29 04:19 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB6STKIT.DLL
2013-06-01 06:38 - 2011-09-29 04:19 - 00059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mscc2fr.dll
2013-06-01 06:38 - 2011-09-29 04:19 - 00032768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CMDLGFR.DLL
2013-06-01 06:38 - 2011-09-29 04:19 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TABCTFR.DLL
2013-06-01 06:38 - 2011-09-29 04:19 - 00015360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetfr.DLL
2013-06-01 06:37 - 2013-06-01 06:37 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\Iminent
2013-06-01 06:37 - 2013-06-01 06:37 - 00000000 ____D C:\ProgramData\Iminent
2013-06-01 06:36 - 2013-06-01 06:37 - 00000620 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-06-01 06:36 - 2013-06-01 06:37 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-06-01 06:36 - 2013-06-01 06:36 - 00458744 ____A (Bandoo Media Inc) C:\Users\lindenau\Downloads\Setup21_FreeConverter.exe
2013-06-01 06:34 - 2013-06-18 21:25 - 00000000 ____D C:\ProgramData\BrowserProtect
2013-06-01 06:34 - 2013-06-01 06:34 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\Delta
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\Babylon
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\BabSolution
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\ProgramData\Babylon
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Program Files (x86)\Delta
2013-06-01 06:31 - 2013-06-01 06:32 - 02812128 ____A C:\Users\lindenau\Downloads\installer_fairuse4wm_1_3_Deutsch.exe
2013-06-01 06:29 - 2013-06-01 06:29 - 00263680 ____A (Anonymous) C:\Users\lindenau\Downloads\fairuse4wm.exe
2013-06-01 06:29 - 2013-06-01 06:29 - 00000000 ____A C:\Users\lindenau\Documents\blackbox-keys.txt
2013-05-31 22:51 - 2013-05-31 22:57 - 42562296 ____A C:\Users\lindenau\Downloads\Bibi und Tina - Der Pferdedieb.wma
2013-05-25 08:51 - 2013-06-01 06:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-25 07:14 - 2013-05-25 07:14 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-25 07:14 - 2013-05-25 07:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-25 07:14 - 2013-05-25 07:14 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-25 07:14 - 2013-05-25 07:14 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-25 07:14 - 2013-05-25 07:14 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-25 07:14 - 2013-05-25 07:14 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-25 07:14 - 2013-05-25 07:14 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-25 07:14 - 2013-05-25 07:14 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-25 07:14 - 2013-05-25 07:14 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-25 07:14 - 2013-05-25 07:14 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-25 07:14 - 2013-05-25 07:14 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-25 07:05 - 2013-05-25 07:05 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-25 07:02 - 2013-05-25 07:23 - 00011058 ____A C:\Windows\IE10_main.log
==================== One Month Modified Files and Folders =======
2013-06-21 22:43 - 2013-06-21 22:43 - 00000000 ____D C:\FRST
2013-06-20 21:54 - 2010-12-27 07:10 - 00000000 ____D C:\Eigene Dateien
2013-06-19 22:59 - 2013-06-19 19:00 - 00189058 ____A C:\OTL.Txt
2013-06-19 19:50 - 2013-06-19 19:50 - 00000000 ____D C:\_OTL
2013-06-19 19:00 - 2013-06-19 19:00 - 00023556 ____A C:\Extras.Txt
2013-06-19 18:54 - 2010-12-24 16:34 - 00000000 ____D C:\users\lindenau
2013-06-19 08:13 - 2011-01-18 23:53 - 00000813 ____A C:\ProgramData\profile.xml
2013-06-19 08:12 - 2011-09-06 08:22 - 00023560 ____A C:\Windows\error.log
2013-06-19 08:12 - 2011-09-06 08:22 - 00005432 ____A C:\Windows\errord.log
2013-06-19 08:12 - 2011-02-01 08:06 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-19 08:12 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-19 08:12 - 2009-07-13 20:51 - 00069925 ____A C:\Windows\setupact.log
2013-06-18 21:51 - 2010-08-26 18:16 - 01775258 ____A C:\Windows\WindowsUpdate.log
2013-06-18 21:51 - 2009-07-13 20:45 - 00013632 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-18 21:51 - 2009-07-13 20:45 - 00013632 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-18 21:25 - 2013-06-01 06:34 - 00000000 ____D C:\ProgramData\BrowserProtect
2013-06-18 21:25 - 2010-08-26 18:31 - 00087378 ____A C:\Windows\PFRO.log
2013-06-18 21:22 - 2012-12-30 04:07 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-18 21:04 - 2011-02-01 08:06 - 00001114 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-17 12:11 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-17 09:12 - 2013-02-24 08:46 - 00495104 __ASH C:\Users\lindenau\Desktop\Thumbs.db
2013-06-16 00:58 - 2013-06-16 00:58 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\File Scout
2013-06-14 23:06 - 2013-06-14 22:51 - 165472394 ____A C:\Users\lindenau\Downloads\Krimis_fuer_Kids.zip
2013-06-12 10:22 - 2012-12-30 04:07 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 10:22 - 2012-12-30 04:07 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-11 03:16 - 2010-08-27 02:01 - 00654400 ____A C:\Windows\System32\perfh007.dat
2013-06-11 03:16 - 2010-08-27 02:01 - 00130240 ____A C:\Windows\System32\perfc007.dat
2013-06-11 03:16 - 2009-07-13 21:13 - 01498742 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-01 07:08 - 2013-06-01 07:06 - 00000000 ____D C:\Users\lindenau\Documents\Aimersoft DRM Media Converter
2013-06-01 07:00 - 2013-06-01 07:00 - 00001331 ____A C:\Users\lindenau\Desktop\Aimersoft DRM Media Converter.lnk
2013-06-01 07:00 - 2013-06-01 07:00 - 00000000 ____D C:\Program Files (x86)\Aimersoft
2013-06-01 06:59 - 2013-06-01 06:57 - 12413240 ____A (Aimersoft Software ) C:\Users\lindenau\Downloads\almedia-converter_full351_573601.exe
2013-06-01 06:38 - 2013-06-01 06:38 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\FreeAudioPack
2013-06-01 06:38 - 2013-06-01 06:38 - 00000000 ____D C:\Program Files (x86)\Free mp3 Wma Converter
2013-06-01 06:37 - 2013-06-01 06:37 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\Iminent
2013-06-01 06:37 - 2013-06-01 06:37 - 00000000 ____D C:\ProgramData\Iminent
2013-06-01 06:37 - 2013-06-01 06:36 - 00000620 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-06-01 06:37 - 2013-06-01 06:36 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-06-01 06:36 - 2013-06-01 06:36 - 00458744 ____A (Bandoo Media Inc) C:\Users\lindenau\Downloads\Setup21_FreeConverter.exe
2013-06-01 06:34 - 2013-06-01 06:34 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-06-01 06:34 - 2013-05-25 08:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\Delta
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\Babylon
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\BabSolution
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\ProgramData\Babylon
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Program Files (x86)\Delta
2013-06-01 06:32 - 2013-06-01 06:31 - 02812128 ____A C:\Users\lindenau\Downloads\installer_fairuse4wm_1_3_Deutsch.exe
2013-06-01 06:29 - 2013-06-01 06:29 - 00263680 ____A (Anonymous) C:\Users\lindenau\Downloads\fairuse4wm.exe
2013-06-01 06:29 - 2013-06-01 06:29 - 00000000 ____A C:\Users\lindenau\Documents\blackbox-keys.txt
2013-05-31 22:57 - 2013-05-31 22:51 - 42562296 ____A C:\Users\lindenau\Downloads\Bibi und Tina - Der Pferdedieb.wma
2013-05-28 05:05 - 2013-06-16 00:58 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
2013-05-26 05:02 - 2012-12-29 09:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-25 08:00 - 2009-07-13 20:45 - 00428800 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-25 07:57 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-05-25 07:57 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-05-25 07:57 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-25 07:56 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-05-25 07:56 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-05-25 07:26 - 2011-01-26 08:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-25 07:23 - 2013-05-25 07:02 - 00011058 ____A C:\Windows\IE10_main.log
2013-05-25 07:14 - 2013-05-25 07:14 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-25 07:14 - 2013-05-25 07:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-25 07:14 - 2013-05-25 07:14 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-25 07:14 - 2013-05-25 07:14 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-25 07:14 - 2013-05-25 07:14 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-25 07:14 - 2013-05-25 07:14 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-25 07:14 - 2013-05-25 07:14 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-25 07:14 - 2013-05-25 07:14 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-25 07:14 - 2013-05-25 07:14 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-25 07:14 - 2013-05-25 07:14 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-25 07:14 - 2013-05-25 07:14 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-25 07:05 - 2013-05-25 07:05 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-25 06:48 - 2009-07-13 18:34 - 00000510 ____A C:\Windows\win.ini
2013-05-25 05:52 - 2012-12-29 03:20 - 00000000 ____D C:\Users\lindenau\Documents\Mein Steuer-Sparbuch Heute
2013-05-24 01:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
Files to move or delete:
====================
C:\Users\lindenau\install.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-05-25 06:45:37
Restore point made on: 2013-05-30 06:32:57
Restore point made on: 2013-06-01 07:00:43
Restore point made on: 2013-06-01 07:02:01
Restore point made on: 2013-06-01 07:03:06
Restore point made on: 2013-06-01 07:04:15
Restore point made on: 2013-06-01 07:05:24
Restore point made on: 2013-06-11 21:39:34
Restore point made on: 2013-06-16 01:13:27
==================== Memory info ===========================
Percentage of memory in use: 16%
Total physical RAM: 3828.43 MB
Available physical RAM: 3193.8 MB
Total Pagefile: 3826.58 MB
Available Pagefile: 3180.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:552.22 GB) (Free:327.63 GB) NTFS (Disk=0 Partition=2)
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.81 GB) NTFS (Disk=0 Partition=4)
Drive g: (JULES MP3) (Removable) (Total:0.92 GB) (Free:0.92 GB) FAT (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 05B91392)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=552 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15 GB) - (Type=12)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.
LastRegBack: 2013-06-16 01:16
==================== End Of Log ============================
Danke dir Sven |
|
21.06.2013, 19:20
| #8 |
| /// the machine /// TB-Ausbilder | BKA-Trojaner Win 7 Lenovo-Notebook Drücke bitte die  + R Taste und schreibe notepad in das Ausführen Fenster.Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\lindenau\...\Run: [Luxe] C:\Users\lindenau\AppData\Roaming\Ajevvi\luxe.exe [225280 2010-12-26] (Madison Media Software, Inc.)
HKU\lindenau\...\Winlogon: [Shell] explorer.exe, <==== ATTENTION
HKU\UpdatusUser\...\Run: [FactoryTest] C:\Windows\Test.bat [x]
C:\Users\lindenau\AppData\Roaming\Ajevvi
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.06.2013, 07:28
| #9 |
| | BKA-Trojaner Win 7 Lenovo-Notebook Guten Morgen, hier der Inhalt der Fixlog.txt: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-06-2013 01
Ran by SYSTEM at 2013-06-22 18:26:20 Run:1
Running from G:\
Boot Mode: Recovery
==============================================
HKU\lindenau\Software\Microsoft\Windows\CurrentVersion\Run\\Luxe => Value deleted successfully.
HKU\lindenau\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKU\UpdatusUser\Software\Microsoft\Windows\CurrentVersion\Run\\FactoryTest => Value deleted successfully.
C:\Users\lindenau\AppData\Roaming\Ajevvi => Moved successfully.
==== End of Fixlog ====
Sven |
|
22.06.2013, 13:09
| #10 |
| /// the machine /// TB-Ausbilder | BKA-Trojaner Win 7 Lenovo-Notebook Normal booten?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.06.2013, 16:30
| #11 |
| | BKA-Trojaner Win 7 Lenovo-Notebook Hi, nein leider nicht. Ich bekomme weiterhin einen Bluescreen. Der blitzt < 1 sek auf und dann startet der Rechner neu durch und ich komme in die Aufforderungsmaske WIndows normal starten oder mit Eingabe aufforderung. Danke Sven |
|
22.06.2013, 18:47
| #12 |
| /// the machine /// TB-Ausbilder | BKA-Trojaner Win 7 Lenovo-Notebook Neu booten, schnell F8 drücken, da sollte im Menü ein Punkt sein "automatischen neustart bei bluescreen deaktiveren". Das wählen, neu booten, Bluescreen Meldung abschreiben und hier posten. Ausserdem bitte ein frisches FRST Log aus der recovery.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
23.06.2013, 07:48
| #13 |
| | BKA-Trojaner Win 7 Lenovo-Notebook Hier der Bluescreen Text: A problem has been detected ans windows has been shut down to prevent damage to your computer. If this ist the first time you´ve senn this stop error screen, restart your computer. If this screen appears again, follow this steps: Check for viruses on your computer. Remove any newly installd hard drives or hard drive controllers. Check hard drive ta make sure it is properly configured an terminated. Run CHKDSK / F toch check for hard drive corruption, an then restart your computer. Technical information: *** Stop: 0x0000007B / 0xFFFFF880009A9928, 0xFFFFFFFFC0000034, 0x0000000000000000, 0x0000000000000000) FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2013 01
Ran by SYSTEM on 23-06-2013 18:44:56
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup [17412200 2010-04-06] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10821224 2010-06-02] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe [2598280 2010-03-28] (ELAN Microelectronics Corp.)
HKLM\...\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056800 2010-03-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [111640 2009-09-30] ()
HKLM-x32\...\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [536576 2010-01-18] (Vimicro)
HKLM-x32\...\Run: [VitaKeyTSR] "C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe" [376176 2010-05-27] (Egis Technology Inc. )
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35184 2008-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s [171104 2010-03-02] (CyberLink Corp.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [407920 2010-03-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [201584 2010-03-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [364400 2010-05-19] (Egis Technology Inc. )
HKLM-x32\...\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [1644680 2013-01-28] (Ask)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C" [1074736 2013-05-21] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-05-21] (Iminent)
HKU\Default\...\RunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage [786760 2009-07-26] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage [786760 2009-07-26] (Microsoft Corporation)
HKU\lindenau\...\Run: [ReadyComm5] C:\Program Files (x86)\Lenovo\ReadyComm\ReadyComm.exe -TrayMode [1501000 2009-09-22] (Lenovo Group Limited)
HKU\lindenau\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [1305408 2011-01-05] (DT Soft Ltd)
HKU\lindenau\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-02-01] (Google Inc.)
HKU\lindenau\...\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [248208 2013-03-21] (TomTom)
HKU\lindenau\...\Run: [AVMUSBFernanschluss] "C:\Users\lindenau\AppData\Local\Apps\2.0\T7PAYA51.71K\G6QK145W.V4P\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe" [139264 2012-12-25] (AVM Berlin)
HKU\lindenau\...\Run: [{890DCACB-E4ED-AD7F-60A3-E4DC5E20C7C1}] C:\Users\lindenau\AppData\Roaming\Ajevvi\luxe.exe [x]
HKU\UpdatusUser\...\Run: [Power2GoExpress] "C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe" /Startup [2532648 2009-07-13] (Cyberlink)
AppInit_DLLs: C:\windows\system32\nvinitx.dll [95848 2010-04-07] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll c:\windows\syswow64\nvinit.dll [89704 2010-04-07] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter EgisPLPwdFilter
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe ()
Startup: C:\Users\lindenau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Services (Whitelisted) =================
S2 BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [3085264 2013-06-03] ()
S2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [903456 2010-04-20] (Broadcom Corporation.)
S2 EgisTec Data Security Service; C:\Program Files (x86)\EgisTec BioExcess\EgisDSService.exe [314736 2010-05-27] (Egis Technology Inc. )
S2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [322416 2010-05-19] (Egis Technology Inc. )
S2 IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files (x86)\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files (x86)\Lenovo\ReadyComm\ConnSvc.exe [579400 2009-09-22] (Lenovo Group Limited)
S3 PS_MDP; C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-15] (Lenovo Group Limited)
S2 ReadyComm.DirectRouter; C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
S2 RtLedService; C:\Program Files\Realtek\RtLED\RtLEDService.exe [311296 2010-02-05] (Realtek Semiconductor Corp.)
S2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2839592 2013-05-21] (Iminent)
S2 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [31744 2013-04-12] ()
S2 Crypkey License; crypserv.exe [x]
==================== Drivers (Whitelisted) ====================
S3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116480 2012-12-25] (AVM Berlin)
S3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-25] (AVM Berlin)
S3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [79376 2009-07-15] (Lenovo)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-01-26] (DT Soft Ltd)
S1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-01-26] (Duplex Secure Ltd.)
S3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [11280 2009-07-16] (Lenovo)
S3 XG762_VS; C:\Windows\System32\DRIVERS\WlanGZG.sys [1041920 2011-03-20] (Atheros Communications, Inc.)
S3 ZY760_64; C:\Windows\System32\DRIVERS\WlanUZ64.SYS [493696 2006-06-02] (ZyDAS Technology Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-21 22:43 - 2013-06-21 22:43 - 00000000 ____D C:\FRST
2013-06-19 19:50 - 2013-06-19 19:50 - 00000000 ____D C:\_OTL
2013-06-19 19:00 - 2013-06-19 22:59 - 00189058 ____A C:\OTL.Txt
2013-06-19 19:00 - 2013-06-19 19:00 - 00023556 ____A C:\Extras.Txt
2013-06-16 00:58 - 2013-06-16 00:58 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\File Scout
2013-06-16 00:58 - 2013-05-28 05:05 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
2013-06-14 22:51 - 2013-06-14 23:06 - 165472394 ____A C:\Users\lindenau\Downloads\Krimis_fuer_Kids.zip
2013-06-01 07:06 - 2013-06-01 07:08 - 00000000 ____D C:\Users\lindenau\Documents\Aimersoft DRM Media Converter
2013-06-01 07:04 - 2010-12-24 05:27 - 00029288 ____A (Wondershare) C:\Windows\System32\Drivers\WsAudio_DeviceS(5).sys
2013-06-01 07:03 - 2010-12-24 05:27 - 00029288 ____A (Wondershare) C:\Windows\System32\Drivers\WsAudio_DeviceS(4).sys
2013-06-01 07:02 - 2010-12-24 05:27 - 00029288 ____A (Wondershare) C:\Windows\System32\Drivers\WsAudio_DeviceS(3).sys
2013-06-01 07:01 - 2010-12-24 05:27 - 00029288 ____A (Wondershare) C:\Windows\System32\Drivers\WsAudio_DeviceS(2).sys
2013-06-01 07:00 - 2013-06-01 07:00 - 00001331 ____A C:\Users\lindenau\Desktop\Aimersoft DRM Media Converter.lnk
2013-06-01 07:00 - 2013-06-01 07:00 - 00000000 ____D C:\Program Files (x86)\Aimersoft
2013-06-01 07:00 - 2011-01-15 04:08 - 00153600 ____A C:\Windows\SysWOW64\WS_ATLMovie.dll
2013-06-01 07:00 - 2010-12-24 05:27 - 00892928 ____A (Free Software Foundation) C:\Windows\SysWOW64\iconv.dll
2013-06-01 07:00 - 2010-12-24 05:27 - 00675840 ____A () C:\Windows\SysWOW64\ac3filter.ax
2013-06-01 07:00 - 2010-12-24 05:27 - 00496640 ____A C:\Windows\SysWOW64\xvid.ax
2013-06-01 07:00 - 2010-12-24 05:27 - 00029288 ____A (Wondershare) C:\Windows\System32\Drivers\WsAudio_DeviceS(1).sys
2013-06-01 06:57 - 2013-06-01 06:59 - 12413240 ____A (Aimersoft Software ) C:\Users\lindenau\Downloads\almedia-converter_full351_573601.exe
2013-06-01 06:38 - 2013-06-01 06:38 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\FreeAudioPack
2013-06-01 06:38 - 2013-06-01 06:38 - 00000000 ____D C:\Program Files (x86)\Free mp3 Wma Converter
2013-06-01 06:38 - 2011-09-29 04:20 - 02084864 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudDesign.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 01986560 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudFile.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 01212416 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudioInfos.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00484352 ____A C:\Windows\SysWOW64\lame_enc.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00479232 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudioVisu.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00458752 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudPlayer.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00454656 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudioRecord.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00417792 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudDisplay.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00348160 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\WMAFile.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00307200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2013-06-01 06:38 - 2011-09-29 04:20 - 00164144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMCT232.OCX
2013-06-01 06:38 - 2011-09-29 04:20 - 00116296 ____A C:\Windows\SysWOW64\NCTWMAProfiles.prx
2013-06-01 06:38 - 2011-09-29 04:19 - 00224016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TABCTL32.OCX
2013-06-01 06:38 - 2011-09-29 04:19 - 00152848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.OCX
2013-06-01 06:38 - 2011-09-29 04:19 - 00141312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCFR.DLL
2013-06-01 06:38 - 2011-09-29 04:19 - 00119568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB6FR.DLL
2013-06-01 06:38 - 2011-09-29 04:19 - 00115920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msinet.OCX
2013-06-01 06:38 - 2011-09-29 04:19 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB6STKIT.DLL
2013-06-01 06:38 - 2011-09-29 04:19 - 00059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mscc2fr.dll
2013-06-01 06:38 - 2011-09-29 04:19 - 00032768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CMDLGFR.DLL
2013-06-01 06:38 - 2011-09-29 04:19 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TABCTFR.DLL
2013-06-01 06:38 - 2011-09-29 04:19 - 00015360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetfr.DLL
2013-06-01 06:37 - 2013-06-01 06:37 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\Iminent
2013-06-01 06:37 - 2013-06-01 06:37 - 00000000 ____D C:\ProgramData\Iminent
2013-06-01 06:36 - 2013-06-01 06:37 - 00000620 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-06-01 06:36 - 2013-06-01 06:37 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-06-01 06:36 - 2013-06-01 06:36 - 00458744 ____A (Bandoo Media Inc) C:\Users\lindenau\Downloads\Setup21_FreeConverter.exe
2013-06-01 06:34 - 2013-06-18 21:25 - 00000000 ____D C:\ProgramData\BrowserProtect
2013-06-01 06:34 - 2013-06-01 06:34 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\Delta
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\Babylon
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\BabSolution
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\ProgramData\Babylon
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Program Files (x86)\Delta
2013-06-01 06:31 - 2013-06-01 06:32 - 02812128 ____A C:\Users\lindenau\Downloads\installer_fairuse4wm_1_3_Deutsch.exe
2013-06-01 06:29 - 2013-06-01 06:29 - 00263680 ____A (Anonymous) C:\Users\lindenau\Downloads\fairuse4wm.exe
2013-06-01 06:29 - 2013-06-01 06:29 - 00000000 ____A C:\Users\lindenau\Documents\blackbox-keys.txt
2013-05-31 22:51 - 2013-05-31 22:57 - 42562296 ____A C:\Users\lindenau\Downloads\Bibi und Tina - Der Pferdedieb.wma
2013-05-25 08:51 - 2013-06-01 06:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-25 07:14 - 2013-05-25 07:14 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-25 07:14 - 2013-05-25 07:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-25 07:14 - 2013-05-25 07:14 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-25 07:14 - 2013-05-25 07:14 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-25 07:14 - 2013-05-25 07:14 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-25 07:14 - 2013-05-25 07:14 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-25 07:14 - 2013-05-25 07:14 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-25 07:14 - 2013-05-25 07:14 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-25 07:14 - 2013-05-25 07:14 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-25 07:14 - 2013-05-25 07:14 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-25 07:14 - 2013-05-25 07:14 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-25 07:05 - 2013-05-25 07:05 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-25 07:02 - 2013-05-25 07:23 - 00011058 ____A C:\Windows\IE10_main.log
==================== One Month Modified Files and Folders =======
2013-06-21 22:43 - 2013-06-21 22:43 - 00000000 ____D C:\FRST
2013-06-20 21:54 - 2010-12-27 07:10 - 00000000 ____D C:\Eigene Dateien
2013-06-19 22:59 - 2013-06-19 19:00 - 00189058 ____A C:\OTL.Txt
2013-06-19 19:50 - 2013-06-19 19:50 - 00000000 ____D C:\_OTL
2013-06-19 19:00 - 2013-06-19 19:00 - 00023556 ____A C:\Extras.Txt
2013-06-19 18:54 - 2010-12-24 16:34 - 00000000 ____D C:\users\lindenau
2013-06-19 08:13 - 2011-01-18 23:53 - 00000813 ____A C:\ProgramData\profile.xml
2013-06-19 08:12 - 2011-09-06 08:22 - 00023560 ____A C:\Windows\error.log
2013-06-19 08:12 - 2011-09-06 08:22 - 00005432 ____A C:\Windows\errord.log
2013-06-19 08:12 - 2011-02-01 08:06 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-19 08:12 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-19 08:12 - 2009-07-13 20:51 - 00069925 ____A C:\Windows\setupact.log
2013-06-18 21:51 - 2010-08-26 18:16 - 01775258 ____A C:\Windows\WindowsUpdate.log
2013-06-18 21:51 - 2009-07-13 20:45 - 00013632 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-18 21:51 - 2009-07-13 20:45 - 00013632 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-18 21:25 - 2013-06-01 06:34 - 00000000 ____D C:\ProgramData\BrowserProtect
2013-06-18 21:25 - 2010-08-26 18:31 - 00087378 ____A C:\Windows\PFRO.log
2013-06-18 21:22 - 2012-12-30 04:07 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-18 21:04 - 2011-02-01 08:06 - 00001114 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-17 12:11 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-17 09:12 - 2013-02-24 08:46 - 00495104 __ASH C:\Users\lindenau\Desktop\Thumbs.db
2013-06-16 00:58 - 2013-06-16 00:58 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\File Scout
2013-06-14 23:06 - 2013-06-14 22:51 - 165472394 ____A C:\Users\lindenau\Downloads\Krimis_fuer_Kids.zip
2013-06-12 10:22 - 2012-12-30 04:07 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 10:22 - 2012-12-30 04:07 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-11 03:16 - 2010-08-27 02:01 - 00654400 ____A C:\Windows\System32\perfh007.dat
2013-06-11 03:16 - 2010-08-27 02:01 - 00130240 ____A C:\Windows\System32\perfc007.dat
2013-06-11 03:16 - 2009-07-13 21:13 - 01498742 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-01 07:08 - 2013-06-01 07:06 - 00000000 ____D C:\Users\lindenau\Documents\Aimersoft DRM Media Converter
2013-06-01 07:00 - 2013-06-01 07:00 - 00001331 ____A C:\Users\lindenau\Desktop\Aimersoft DRM Media Converter.lnk
2013-06-01 07:00 - 2013-06-01 07:00 - 00000000 ____D C:\Program Files (x86)\Aimersoft
2013-06-01 06:59 - 2013-06-01 06:57 - 12413240 ____A (Aimersoft Software ) C:\Users\lindenau\Downloads\almedia-converter_full351_573601.exe
2013-06-01 06:38 - 2013-06-01 06:38 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\FreeAudioPack
2013-06-01 06:38 - 2013-06-01 06:38 - 00000000 ____D C:\Program Files (x86)\Free mp3 Wma Converter
2013-06-01 06:37 - 2013-06-01 06:37 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\Iminent
2013-06-01 06:37 - 2013-06-01 06:37 - 00000000 ____D C:\ProgramData\Iminent
2013-06-01 06:37 - 2013-06-01 06:36 - 00000620 ____A C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-06-01 06:37 - 2013-06-01 06:36 - 00000000 ____D C:\Program Files (x86)\Iminent
2013-06-01 06:36 - 2013-06-01 06:36 - 00458744 ____A (Bandoo Media Inc) C:\Users\lindenau\Downloads\Setup21_FreeConverter.exe
2013-06-01 06:34 - 2013-06-01 06:34 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-06-01 06:34 - 2013-05-25 08:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\Delta
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\Babylon
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Users\lindenau\AppData\Roaming\BabSolution
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\ProgramData\Babylon
2013-06-01 06:33 - 2013-06-01 06:33 - 00000000 ____D C:\Program Files (x86)\Delta
2013-06-01 06:32 - 2013-06-01 06:31 - 02812128 ____A C:\Users\lindenau\Downloads\installer_fairuse4wm_1_3_Deutsch.exe
2013-06-01 06:29 - 2013-06-01 06:29 - 00263680 ____A (Anonymous) C:\Users\lindenau\Downloads\fairuse4wm.exe
2013-06-01 06:29 - 2013-06-01 06:29 - 00000000 ____A C:\Users\lindenau\Documents\blackbox-keys.txt
2013-05-31 22:57 - 2013-05-31 22:51 - 42562296 ____A C:\Users\lindenau\Downloads\Bibi und Tina - Der Pferdedieb.wma
2013-05-28 05:05 - 2013-06-16 00:58 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
2013-05-26 05:02 - 2012-12-29 09:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-25 08:00 - 2009-07-13 20:45 - 00428800 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-25 07:57 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-05-25 07:57 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-05-25 07:57 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-25 07:56 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-05-25 07:56 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-05-25 07:26 - 2011-01-26 08:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-25 07:23 - 2013-05-25 07:02 - 00011058 ____A C:\Windows\IE10_main.log
2013-05-25 07:14 - 2013-05-25 07:14 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-25 07:14 - 2013-05-25 07:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-25 07:14 - 2013-05-25 07:14 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-25 07:14 - 2013-05-25 07:14 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-25 07:14 - 2013-05-25 07:14 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-25 07:14 - 2013-05-25 07:14 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-25 07:14 - 2013-05-25 07:14 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-25 07:14 - 2013-05-25 07:14 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-25 07:14 - 2013-05-25 07:14 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-25 07:14 - 2013-05-25 07:14 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-25 07:14 - 2013-05-25 07:14 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-25 07:14 - 2013-05-25 07:14 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-25 07:14 - 2013-05-25 07:14 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-25 07:05 - 2013-05-25 07:05 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-25 07:05 - 2013-05-25 07:05 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-25 06:48 - 2009-07-13 18:34 - 00000510 ____A C:\Windows\win.ini
2013-05-25 05:52 - 2012-12-29 03:20 - 00000000 ____D C:\Users\lindenau\Documents\Mein Steuer-Sparbuch Heute
2013-05-24 01:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
Files to move or delete:
====================
C:\Users\lindenau\install.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-05-25 06:45:37
Restore point made on: 2013-05-30 06:32:57
Restore point made on: 2013-06-01 07:00:43
Restore point made on: 2013-06-01 07:02:01
Restore point made on: 2013-06-01 07:03:06
Restore point made on: 2013-06-01 07:04:15
Restore point made on: 2013-06-01 07:05:24
Restore point made on: 2013-06-11 21:39:34
Restore point made on: 2013-06-16 01:13:27
==================== Memory info ===========================
Percentage of memory in use: 16%
Total physical RAM: 3828.43 MB
Available physical RAM: 3194.13 MB
Total Pagefile: 3826.58 MB
Available Pagefile: 3182.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:552.22 GB) (Free:327.63 GB) NTFS (Disk=0 Partition=2)
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.81 GB) NTFS (Disk=0 Partition=4)
Drive g: (JULES MP3) (Removable) (Total:0.92 GB) (Free:0.92 GB) FAT (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 05B91392)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=552 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15 GB) - (Type=12)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.
LastRegBack: 2013-06-16 01:16
==================== End Of Log ============================
--- --- --- Danke Sven [/CODE] |
|
23.06.2013, 09:06
| #14 |
| /// the machine /// TB-Ausbilder | BKA-Trojaner Win 7 Lenovo-Notebook Hi, F8 drücken beim Booten > Computer reparieren > Startreparatur Wenn das nicht hilft, Nochmal Computer reparieren > Eingabeaufforderung chkdsk /r
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
23.06.2013, 16:02
| #15 |
| | BKA-Trojaner Win 7 Lenovo-Notebook Hi, Startreperatur endete mit Problembericht senden ja/ nein - Admin ansprechen CHKDSK auf C: lief schnell durch keine Probleme auf D: lief schnell durch keine Probleme auf E: hat etwas länger gedauert ist aber durch gelaufen auf x  Boot) ging nicht schreibgeschütztWeiterhin der Bluescreen....hatte aber die Möglichkeit alle wichtigen Daten zu sichern und habe neben bei eine Win7-CD runtergeladen um ggfs. den Rechner neu aufzusetzen. Hast du noch eine Idee,oder lieber den ganzen Rechner neu aufsetzen? Danke Sven |
|
| Themen zu BKA-Trojaner Win 7 Lenovo-Notebook |
| bereits, bingbar, bka-trojaner, browserprotect.dll, ebook, einfügen, erstell, erstellt, heute, inhalt, intranet, morgen, notebook, otlpe, plug-in, pmmupdate.exe, schannel.dll, softwareupdater, sprotection, win, win 7 |
Textbox. 
Linear-Darstellung
