Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Copy to shortcut (https://www.trojaner-board.de/100491-copy-to-shortcut.html)

azael 19.06.2011 11:12
Copy to shortcut
 
Hallo miteinander,

habe ein Copy to Shortcuy wüstling. Der Otl Scan ergab folgendes:

OTL logfile created on: 6/19/2011 11:12:10 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Finanzamt\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.80 Gb Total Physical Memory | 2.43 Gb Available Physical Memory | 63.81% Memory free
7.60 Gb Paging File | 5.67 Gb Available in Paging File | 74.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 215.78 Gb Total Space | 175.35 Gb Free Space | 81.27% Space Free | Partition Type: NTFS
Drive D: | 62.21 Gb Total Space | 61.18 Gb Free Space | 98.34% Space Free | Partition Type: NTFS

Computer Name: FINANZAMT-PC | User Name: Finanzamt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/19 09:23:26 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Finanzamt\Downloads\OTL.exe
PRC - [2011/06/09 20:34:20 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
PRC - [2011/06/07 17:51:12 | 000,421,160 | ---- | M] (Apple Inc.) -- D:\iTunesHelper.exe
PRC - [2011/06/01 22:44:15 | 001,546,640 | ---- | M] (Bandoo Media, inc) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011/05/25 16:54:58 | 001,617,296 | ---- | M] (Bandoo Media Inc.) -- C:\PROGRA~2\Bandoo\Bandoo.exe
PRC - [2011/05/06 18:15:20 | 000,532,320 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2011/05/06 17:33:00 | 000,393,112 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2011/01/20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- D:\ProgrammeDAEMON Tools Lite\DTLite.exe
PRC - [2010/09/16 22:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/05/06 08:44:44 | 001,749,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2010/04/07 15:40:06 | 000,843,264 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2010/02/10 16:29:52 | 000,719,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2010/01/19 04:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
PRC - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\SysWOW64\Rezip.exe


========== Modules (SafeList) ==========

MOD - [2011/06/19 09:23:26 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Finanzamt\Downloads\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll
MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/10/07 20:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/05/05 08:15:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/06/09 20:34:20 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)
SRV - [2011/05/25 16:54:58 | 001,617,296 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\PROGRA~2\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2011/05/06 17:33:00 | 000,393,112 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011/02/16 15:49:08 | 000,101,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/03/05 09:28:30 | 002,782,552 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\Rezip.exe -- (Rezip)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/06/09 20:30:44 | 000,335,288 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2011/06/09 19:45:21 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2010/11/04 07:27:40 | 010,322,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/05/05 08:47:10 | 006,789,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/05/05 08:47:10 | 006,789,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/05/05 07:23:26 | 000,221,184 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/27 09:57:04 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/04/01 02:25:14 | 000,136,192 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/03/31 02:35:26 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2010/02/27 02:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/01/29 09:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/14 22:46:56 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/28 11:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/08/05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchqu.com/406
IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/06/16 17:26:47 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20110611213303.dll (McAfee, Inc.)
O2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110611213303.dll (McAfee, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll (Bandoo Media, inc)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE (Bandoo Media, inc)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [iTunesHelper] D:\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\ProgrammeDAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~2\wi3c8a~1\datamngr\datamngr.dll) - c:\progra~2\wi3c8a~1\datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~2\wi3c8a~1\datamngr\iebho.dll) - c:\progra~2\wi3c8a~1\datamngr\iebho.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~2\bandoo\bndhook.dll) - c:\progra~2\bandoo\bndhook.dll (Discordia Limited)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/19 08:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/06/16 22:50:14 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2011/06/16 22:49:53 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\Documents\Youcam
[2011/06/15 05:18:54 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/06/15 05:18:54 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/06/15 05:18:53 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/06/15 05:18:53 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/15 05:18:53 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/06/15 05:18:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/15 05:18:53 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/15 05:18:53 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/15 05:18:53 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/06/15 05:18:53 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/06/15 05:18:52 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/06/15 05:18:52 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/06/15 05:18:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/06/15 05:18:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/06/15 05:18:22 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/14 05:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2011/06/11 21:33:08 | 000,000,000 | ---D | C] -- C:\Programme\McAfee.com
[2011/06/11 21:33:03 | 000,009,984 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2011/06/11 21:32:57 | 000,149,032 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2011/06/11 21:32:56 | 000,530,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfehidk.sys
[2011/06/11 21:32:56 | 000,441,840 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfefirek.sys
[2011/06/11 21:32:56 | 000,283,744 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys
[2011/06/11 21:32:56 | 000,190,520 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2011/06/11 21:32:56 | 000,121,376 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeapfk.sys
[2011/06/11 21:32:56 | 000,094,992 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2011/06/11 21:32:56 | 000,075,160 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfenlfk.sys
[2011/06/11 21:32:56 | 000,063,056 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\cfwids.sys
[2011/06/11 17:11:54 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Ilivid Player
[2011/06/11 17:11:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo
[2011/06/11 17:11:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Bandoo
[2011/06/11 17:11:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bandoo
[2011/06/11 17:10:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\{4EF77D37-415C-4195-AE30-904ED23A3940}
[2011/06/11 17:10:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
[2011/06/11 17:10:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLivid
[2011/06/11 17:08:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows iLivid Toolbar
[2011/06/11 17:07:57 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\PackageAware
[2011/06/11 15:49:48 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Passwort Knacker 1.0
[2011/06/11 15:49:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Passwort Knacker 1.0
[2011/06/11 15:44:16 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced PDF-to-Word
[2011/06/11 15:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced PDF-to-Word
[2011/06/11 15:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
[2011/06/11 07:58:55 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2011/06/11 07:58:55 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2011/06/11 07:58:55 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2011/06/11 07:58:55 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2011/06/11 07:58:55 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2011/06/11 07:58:55 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2011/06/11 07:58:55 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2011/06/11 07:58:55 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2011/06/11 07:57:08 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2011/06/10 10:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2011/06/10 10:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pdfforge Toolbar
[2011/06/10 10:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2011/06/10 10:04:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2011/06/10 10:04:47 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2011/06/10 10:04:45 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2011/06/10 10:04:44 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCDE.DLL
[2011/06/10 10:04:44 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6DE.DLL
[2011/06/10 10:04:44 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2011/06/10 10:04:44 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2011/06/10 03:29:37 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011/06/10 03:29:37 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011/06/10 03:29:35 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011/06/10 03:29:35 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011/06/10 03:29:35 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/06/10 03:29:35 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011/06/10 03:29:35 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/06/10 03:29:34 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011/06/10 03:29:34 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011/06/10 03:29:34 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011/06/10 03:29:31 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2011/06/10 03:29:31 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2011/06/10 03:29:29 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2011/06/10 03:29:27 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2011/06/10 03:29:27 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2011/06/10 03:29:27 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2011/06/10 03:29:26 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2011/06/10 03:29:26 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2011/06/10 03:29:26 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2011/06/10 03:29:26 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2011/06/10 03:29:26 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2011/06/10 03:29:24 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2011/06/10 03:28:54 | 005,509,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/06/10 03:28:53 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/06/10 03:28:53 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/06/10 03:28:44 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2011/06/10 03:28:42 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/06/10 03:28:42 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/06/10 03:28:42 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/06/10 03:28:36 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011/06/10 03:28:36 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011/06/10 03:28:36 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/06/10 03:28:36 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/06/10 03:28:34 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2011/06/10 03:28:34 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2011/06/10 03:28:26 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/06/10 03:28:26 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/06/10 03:28:26 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/06/10 03:28:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/06/10 03:27:59 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2011/06/10 03:27:59 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2011/06/10 03:27:59 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2011/06/10 03:27:57 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011/06/10 03:27:57 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011/06/10 03:27:57 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011/06/10 03:27:56 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011/06/10 03:27:45 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2011/06/10 03:27:45 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2011/06/10 03:27:43 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011/06/10 03:27:30 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2011/06/10 03:27:26 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011/06/10 03:27:26 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011/06/10 03:27:26 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011/06/10 03:27:26 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011/06/10 03:27:26 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011/06/10 03:27:26 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011/06/10 03:27:26 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011/06/10 03:27:19 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2011/06/10 03:27:18 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2011/06/10 03:27:17 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2011/06/10 03:27:17 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2011/06/10 03:27:15 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011/06/10 03:27:14 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2011/06/10 03:27:14 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2011/06/10 03:27:12 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011/06/10 03:27:12 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011/06/10 03:27:11 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011/06/10 03:27:11 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011/06/10 03:27:10 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2011/06/10 03:27:04 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011/06/10 03:27:04 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011/06/10 03:26:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2011/06/09 23:37:00 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\vlc
[2011/06/09 23:35:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/06/09 23:35:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011/06/09 23:27:17 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Apple Computer
[2011/06/09 23:27:17 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Apple Computer
[2011/06/09 23:27:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/09 23:27:04 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011/06/09 23:27:04 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011/06/09 23:27:04 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011/06/09 23:26:36 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011/06/09 23:26:36 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011/06/09 23:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/06/09 23:25:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/06/09 23:24:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/06/09 23:24:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/06/09 23:24:30 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Apple
[2011/06/09 23:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/06/09 23:24:14 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2011/06/09 23:24:01 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2011/06/09 23:24:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/06/09 23:23:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/06/09 23:23:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011/06/09 23:21:45 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\WinRAR
[2011/06/09 23:21:45 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/09 23:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/09 20:38:41 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\Documents\Stream Catcher
[2011/06/09 20:36:17 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Diagnostics
[2011/06/09 20:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\DATA BECKER Downloads
[2011/06/09 20:30:44 | 000,335,288 | ---- | C] (Protect Software GmbH) -- C:\Windows\SysNative\drivers\acedrv11.sys
[2011/06/09 20:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProtectDisc Driver Installer
[2011/06/09 20:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProtectDisc
[2011/06/09 20:30:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Components
[2011/06/09 20:30:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DATA BECKER
[2011/06/09 20:30:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared
[2011/06/09 20:30:34 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71.dll
[2011/06/09 20:30:34 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2011/06/09 20:12:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/06/09 20:09:59 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\DivX
[2011/06/09 20:09:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/06/09 20:09:39 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2011/06/09 20:09:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011/06/09 20:09:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011/06/09 20:09:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011/06/09 20:08:39 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011/06/09 19:58:56 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/06/09 19:57:59 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Apps
[2011/06/09 19:57:58 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Deployment
[2011/06/09 19:55:27 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Macromedia
[2011/06/09 19:55:27 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Adobe
[2011/06/09 19:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/06/09 19:53:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011/06/09 19:52:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/06/09 19:52:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011/06/09 19:52:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/06/09 19:50:59 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2011/06/09 19:50:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011/06/09 19:50:29 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Microsoft Help
[2011/06/09 19:50:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/06/09 19:50:02 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/06/09 19:45:21 | 000,254,528 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011/06/09 19:45:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2011/06/09 19:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011/06/09 19:42:39 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\DAEMON Tools Lite
[2011/06/09 19:42:39 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011/06/09 19:35:05 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Google
[2011/06/09 19:35:05 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Google
[2011/06/09 19:33:13 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\ATI
[2011/06/09 19:33:13 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\ATI
[2011/06/09 19:32:38 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/06/09 19:32:38 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Searches
[2011/06/09 19:32:38 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/06/09 19:32:27 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Identities
[2011/06/09 19:32:23 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Contacts
[2011/06/09 19:32:20 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\VirtualStore
[2011/06/09 19:31:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/06/09 19:30:51 | 000,061,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2011/06/09 19:30:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/06/09 19:30:50 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2011/06/09 19:30:00 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2011/06/09 19:30:00 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2011/06/09 19:29:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/06/09 19:27:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2011/06/09 19:27:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/06/09 19:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2011/06/09 19:26:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/06/09 19:26:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/06/09 19:26:22 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/06/09 19:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011/06/09 19:23:27 | 000,000,000 | ---D | C] -- C:\ProgramData\OberonGameConsole
[2011/06/09 19:23:13 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\Documents\My Pictures
[2011/06/09 19:18:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Pack
[2011/06/09 19:18:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Oberon Media
[2011/06/09 19:18:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Game Pack
[2011/06/09 19:18:00 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Adobe
[2011/06/09 19:17:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/06/09 19:16:52 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
[2011/06/09 19:16:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2011/06/09 19:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Vorlagen
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\AppData\Local\Verlauf
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\AppData\Local\Temporary Internet Files
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Startmenü
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\SendTo
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Recent
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Netzwerkumgebung
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Lokale Einstellungen
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Documents\Eigene Videos
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Documents\Eigene Musik
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Eigene Dateien
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Documents\Eigene Bilder
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Druckumgebung
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Cookies
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\AppData\Local\Anwendungsdaten
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Anwendungsdaten
[2011/06/09 19:15:12 | 000,000,000 | --SD | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Videos
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Saved Games
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Pictures
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Music
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Links
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Favorites
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Downloads
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Documents
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Desktop
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/06/09 19:15:12 | 000,000,000 | -H-D | C] -- C:\Users\Finanzamt\AppData
[2011/06/09 19:15:12 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Temp
[2011/06/09 19:15:12 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Microsoft
[2011/06/09 19:15:12 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Media Center Programs
[2011/06/09 19:13:32 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011/06/09 19:13:32 | 000,000,000 | -HSD | C] -- C:\Programme
[2011/06/09 19:13:32 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2011/06/09 19:13:32 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011/06/08 08:13:30 | 000,000,000 | ---D | C] -- C:\windiag

========== Files - Modified Within 30 Days ==========

[2011/06/19 11:03:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3457901039-3679683318-3372754741-1001UA.job
[2011/06/19 08:20:16 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/19 08:20:16 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/19 08:13:34 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2011/06/19 08:11:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/19 08:11:48 | 4081,635,328 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/19 07:32:24 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3457901039-3679683318-3372754741-1001Core.job
[2011/06/16 19:07:25 | 000,050,455 | ---- | M] () -- C:\Users\Finanzamt\Documents\Kinopark Aalen.pdf
[2011/06/16 18:24:20 | 000,419,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/16 17:28:36 | 000,002,425 | ---- | M] () -- C:\Users\Finanzamt\Desktop\Google Chrome.lnk
[2011/06/14 06:40:39 | 001,802,864 | ---- | M] () -- C:\Users\Finanzamt\Desktop\Kommunikation.pdf
[2011/06/11 23:22:54 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/11 23:22:54 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011/06/11 23:22:54 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/11 23:22:54 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011/06/11 23:22:54 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/11 18:33:53 | 004,787,762 | ---- | M] () -- C:\Users\Finanzamt\Desktop\610_06_mp_pmgt1.pdf
[2011/06/11 17:10:25 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2011/06/11 15:49:48 | 000,000,622 | ---- | M] () -- C:\Users\Finanzamt\Desktop\PDF Passwort Knacker 1.0.lnk
[2011/06/11 15:49:47 | 000,080,896 | ---- | M] () -- C:\Windows\cadkasdeinst01.exe
[2011/06/11 15:43:47 | 000,754,344 | ---- | M] () -- C:\Users\Finanzamt\Desktop\advancedpdf2word_trial.exe
[2011/06/11 15:40:35 | 000,000,586 | ---- | M] () -- C:\Users\Finanzamt\Desktop\Free PDF to Word Doc Converter.lnk
[2011/06/11 10:53:53 | 000,718,844 | ---- | M] () -- C:\Users\Finanzamt\Desktop\GlobalNetworking.png
[2011/06/10 20:27:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/06/10 10:09:24 | 000,045,241 | ---- | M] () -- C:\Users\Finanzamt\Documents\prüfungsplan.pdf
[2011/06/10 10:04:49 | 000,000,560 | ---- | M] () -- C:\Users\Finanzamt\Desktop\PDFCreator.lnk
[2011/06/09 23:35:23 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/06/09 20:44:23 | 007,531,487 | ---- | M] () -- C:\Users\Finanzamt\Desktop\MSD_0.655.rar
[2011/06/09 20:30:44 | 000,335,288 | ---- | M] (Protect Software GmbH) -- C:\Windows\SysNative\drivers\acedrv11.sys
[2011/06/09 20:30:36 | 000,001,612 | ---- | M] () -- C:\Users\Public\Desktop\Stream Catcher 2 FREE.lnk
[2011/06/09 20:12:27 | 000,001,448 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/09 20:10:15 | 000,001,621 | ---- | M] () -- C:\Users\Finanzamt\Desktop\DivX Movies.lnk
[2011/06/09 20:09:58 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2011/06/09 20:09:36 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2011/06/09 19:45:21 | 000,254,528 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011/06/09 19:44:57 | 000,000,708 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011/06/09 19:33:12 | 000,001,121 | ---- | M] () -- C:\Users\Finanzamt\Desktop\CyberLink YouCam.lnk
[2011/06/09 19:32:11 | 000,001,076 | ---- | M] () -- C:\Users\Finanzamt\Desktop\Ihre Meinung ist wichtig.lnk
[2011/06/09 19:23:38 | 000,002,074 | ---- | M] () -- C:\Users\Public\Desktop\Game Pack.lnk
[2011/06/09 19:23:38 | 000,000,033 | ---- | M] () -- C:\Windows\0
[2011/06/09 19:15:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\144D_SAMSUNG_N_R530_08JV.mrk
[2011/06/09 12:12:21 | 000,052,870 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/06/09 12:12:21 | 000,052,870 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/05/25 16:55:28 | 001,524,112 | ---- | M] () -- C:\Windows\SysWow64\bandoolmx.dll

========== Files Created - No Company Name ==========

[2011/06/16 19:07:23 | 000,050,455 | ---- | C] () -- C:\Users\Finanzamt\Documents\Kinopark Aalen.pdf
[2011/06/14 06:40:51 | 001,802,864 | ---- | C] () -- C:\Users\Finanzamt\Desktop\Kommunikation.pdf
[2011/06/12 07:30:48 | 002,137,707 | ---- | C] () -- C:\Users\Finanzamt\Desktop\383490290XPlanung.pdf
[2011/06/12 07:29:29 | 002,620,119 | ---- | C] () -- C:\Users\Finanzamt\Desktop\3834902225Scorecard.pdf
[2011/06/11 18:33:55 | 004,787,762 | ---- | C] () -- C:\Users\Finanzamt\Desktop\610_06_mp_pmgt1.pdf
[2011/06/11 17:11:25 | 001,524,112 | ---- | C] () -- C:\Windows\SysWow64\bandoolmx.dll
[2011/06/11 17:10:25 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2011/06/11 15:49:48 | 000,000,622 | ---- | C] () -- C:\Users\Finanzamt\Desktop\PDF Passwort Knacker 1.0.lnk
[2011/06/11 15:49:47 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2011/06/11 15:43:45 | 000,754,344 | ---- | C] () -- C:\Users\Finanzamt\Desktop\advancedpdf2word_trial.exe
[2011/06/11 15:40:35 | 000,000,586 | ---- | C] () -- C:\Users\Finanzamt\Desktop\Free PDF to Word Doc Converter.lnk
[2011/06/11 10:53:52 | 000,718,844 | ---- | C] () -- C:\Users\Finanzamt\Desktop\GlobalNetworking.png
[2011/06/10 20:27:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/06/10 10:09:38 | 000,045,241 | ---- | C] () -- C:\Users\Finanzamt\Documents\prüfungsplan.pdf
[2011/06/10 10:04:49 | 000,000,560 | ---- | C] () -- C:\Users\Finanzamt\Desktop\PDFCreator.lnk
[2011/06/10 10:04:45 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll
[2011/06/09 23:35:23 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/06/09 23:24:29 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/06/09 20:44:19 | 007,531,487 | ---- | C] () -- C:\Users\Finanzamt\Desktop\MSD_0.655.rar
[2011/06/09 20:30:36 | 000,001,612 | ---- | C] () -- C:\Users\Public\Desktop\Stream Catcher 2 FREE.lnk
[2011/06/09 20:12:26 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/09 20:12:26 | 000,001,448 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/09 20:10:15 | 000,001,621 | ---- | C] () -- C:\Users\Finanzamt\Desktop\DivX Movies.lnk
[2011/06/09 20:09:58 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2011/06/09 20:09:36 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2011/06/09 19:59:00 | 000,002,425 | ---- | C] () -- C:\Users\Finanzamt\Desktop\Google Chrome.lnk
[2011/06/09 19:58:28 | 000,001,136 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3457901039-3679683318-3372754741-1001UA.job
[2011/06/09 19:58:27 | 000,001,084 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3457901039-3679683318-3372754741-1001Core.job
[2011/06/09 19:44:57 | 000,000,708 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011/06/09 19:32:54 | 000,001,409 | ---- | C] () -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/06/09 19:32:48 | 000,001,443 | ---- | C] () -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/06/09 19:32:11 | 000,001,076 | ---- | C] () -- C:\Users\Finanzamt\Desktop\Ihre Meinung ist wichtig.lnk
[2011/06/09 19:23:38 | 000,002,074 | ---- | C] () -- C:\Users\Public\Desktop\Game Pack.lnk
[2011/06/09 19:23:38 | 000,000,033 | ---- | C] () -- C:\Windows\0
[2011/06/09 19:18:32 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011/06/09 19:16:52 | 000,001,121 | ---- | C] () -- C:\Users\Finanzamt\Desktop\CyberLink YouCam.lnk
[2011/06/09 19:15:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\144D_SAMSUNG_N_R530_08JV.mrk
[2011/03/11 03:20:29 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/03/11 03:20:29 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2011/03/11 03:20:29 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2011/03/11 03:20:27 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011/03/11 03:20:25 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/06/01 19:03:25 | 000,002,110 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/06/01 18:56:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/06/01 03:58:24 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2010/06/01 03:12:53 | 000,001,612 | ---- | C] () -- C:\Windows\HotFixList.ini
[2010/06/01 03:04:55 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\Rezip.exe
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/07/13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 23:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 23:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >

wie gehts jetzz weiter??

markusg 19.06.2011 15:40
hi, gehts bitte genauer, problembeschreibung wäre nett.


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:24 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130