Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Copy to shortcut (https://www.trojaner-board.de/100491-copy-to-shortcut.html)

azael 19.06.2011 11:12
Copy to shortcut
 
Hallo miteinander,

habe ein Copy to Shortcuy wüstling. Der Otl Scan ergab folgendes:

OTL logfile created on: 6/19/2011 11:12:10 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Finanzamt\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.80 Gb Total Physical Memory | 2.43 Gb Available Physical Memory | 63.81% Memory free
7.60 Gb Paging File | 5.67 Gb Available in Paging File | 74.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 215.78 Gb Total Space | 175.35 Gb Free Space | 81.27% Space Free | Partition Type: NTFS
Drive D: | 62.21 Gb Total Space | 61.18 Gb Free Space | 98.34% Space Free | Partition Type: NTFS

Computer Name: FINANZAMT-PC | User Name: Finanzamt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/19 09:23:26 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Finanzamt\Downloads\OTL.exe
PRC - [2011/06/09 20:34:20 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
PRC - [2011/06/07 17:51:12 | 000,421,160 | ---- | M] (Apple Inc.) -- D:\iTunesHelper.exe
PRC - [2011/06/01 22:44:15 | 001,546,640 | ---- | M] (Bandoo Media, inc) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011/05/25 16:54:58 | 001,617,296 | ---- | M] (Bandoo Media Inc.) -- C:\PROGRA~2\Bandoo\Bandoo.exe
PRC - [2011/05/06 18:15:20 | 000,532,320 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2011/05/06 17:33:00 | 000,393,112 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2011/01/20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- D:\ProgrammeDAEMON Tools Lite\DTLite.exe
PRC - [2010/09/16 22:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/05/06 08:44:44 | 001,749,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2010/04/07 15:40:06 | 000,843,264 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2010/02/10 16:29:52 | 000,719,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2010/01/19 04:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
PRC - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\SysWOW64\Rezip.exe


========== Modules (SafeList) ==========

MOD - [2011/06/19 09:23:26 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Finanzamt\Downloads\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll
MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/10/07 20:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/05/05 08:15:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/06/09 20:34:20 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)
SRV - [2011/05/25 16:54:58 | 001,617,296 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\PROGRA~2\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2011/05/06 17:33:00 | 000,393,112 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011/02/16 15:49:08 | 000,101,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/03/05 09:28:30 | 002,782,552 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\Rezip.exe -- (Rezip)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/06/09 20:30:44 | 000,335,288 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2011/06/09 19:45:21 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2010/11/04 07:27:40 | 010,322,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/05/05 08:47:10 | 006,789,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/05/05 08:47:10 | 006,789,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/05/05 07:23:26 | 000,221,184 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/27 09:57:04 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/04/01 02:25:14 | 000,136,192 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/03/31 02:35:26 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2010/02/27 02:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/01/29 09:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/14 22:46:56 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/28 11:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/08/05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchqu.com/406
IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/06/16 17:26:47 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20110611213303.dll (McAfee, Inc.)
O2:64bit: - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110611213303.dll (McAfee, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll (Bandoo Media, inc)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (BandooIEPlugin Class) - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Bandoo\Plugins\IE\ieplugin.dll (Bandoo Media Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE (Bandoo Media, inc)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [iTunesHelper] D:\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\ProgrammeDAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~2\wi3c8a~1\datamngr\datamngr.dll) - c:\progra~2\wi3c8a~1\datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~2\wi3c8a~1\datamngr\iebho.dll) - c:\progra~2\wi3c8a~1\datamngr\iebho.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~2\bandoo\bndhook.dll) - c:\progra~2\bandoo\bndhook.dll (Discordia Limited)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/19 08:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/06/16 22:50:14 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2011/06/16 22:49:53 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\Documents\Youcam
[2011/06/15 05:18:54 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/06/15 05:18:54 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/06/15 05:18:53 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/06/15 05:18:53 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/15 05:18:53 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/06/15 05:18:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/15 05:18:53 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/15 05:18:53 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/15 05:18:53 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/06/15 05:18:53 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/06/15 05:18:52 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/06/15 05:18:52 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/06/15 05:18:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/06/15 05:18:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/06/15 05:18:22 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/14 05:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2011/06/11 21:33:08 | 000,000,000 | ---D | C] -- C:\Programme\McAfee.com
[2011/06/11 21:33:03 | 000,009,984 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2011/06/11 21:32:57 | 000,149,032 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2011/06/11 21:32:56 | 000,530,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfehidk.sys
[2011/06/11 21:32:56 | 000,441,840 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfefirek.sys
[2011/06/11 21:32:56 | 000,283,744 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfewfpk.sys
[2011/06/11 21:32:56 | 000,190,520 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2011/06/11 21:32:56 | 000,121,376 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeapfk.sys
[2011/06/11 21:32:56 | 000,094,992 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2011/06/11 21:32:56 | 000,075,160 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfenlfk.sys
[2011/06/11 21:32:56 | 000,063,056 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\cfwids.sys
[2011/06/11 17:11:54 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Ilivid Player
[2011/06/11 17:11:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo
[2011/06/11 17:11:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Bandoo
[2011/06/11 17:11:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bandoo
[2011/06/11 17:10:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\{4EF77D37-415C-4195-AE30-904ED23A3940}
[2011/06/11 17:10:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
[2011/06/11 17:10:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLivid
[2011/06/11 17:08:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows iLivid Toolbar
[2011/06/11 17:07:57 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\PackageAware
[2011/06/11 15:49:48 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Passwort Knacker 1.0
[2011/06/11 15:49:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Passwort Knacker 1.0
[2011/06/11 15:44:16 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced PDF-to-Word
[2011/06/11 15:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced PDF-to-Word
[2011/06/11 15:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
[2011/06/11 07:58:55 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2011/06/11 07:58:55 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2011/06/11 07:58:55 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2011/06/11 07:58:55 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2011/06/11 07:58:55 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2011/06/11 07:58:55 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2011/06/11 07:58:55 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2011/06/11 07:58:55 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2011/06/11 07:57:08 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2011/06/10 10:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2011/06/10 10:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pdfforge Toolbar
[2011/06/10 10:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2011/06/10 10:04:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2011/06/10 10:04:47 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2011/06/10 10:04:45 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2011/06/10 10:04:44 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCDE.DLL
[2011/06/10 10:04:44 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6DE.DLL
[2011/06/10 10:04:44 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2011/06/10 10:04:44 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2011/06/10 03:29:37 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011/06/10 03:29:37 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011/06/10 03:29:35 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011/06/10 03:29:35 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011/06/10 03:29:35 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/06/10 03:29:35 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011/06/10 03:29:35 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/06/10 03:29:34 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011/06/10 03:29:34 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011/06/10 03:29:34 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011/06/10 03:29:31 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2011/06/10 03:29:31 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2011/06/10 03:29:29 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2011/06/10 03:29:27 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2011/06/10 03:29:27 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2011/06/10 03:29:27 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2011/06/10 03:29:26 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2011/06/10 03:29:26 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2011/06/10 03:29:26 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2011/06/10 03:29:26 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2011/06/10 03:29:26 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2011/06/10 03:29:24 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2011/06/10 03:28:54 | 005,509,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/06/10 03:28:53 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/06/10 03:28:53 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/06/10 03:28:44 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2011/06/10 03:28:42 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/06/10 03:28:42 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/06/10 03:28:42 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/06/10 03:28:36 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011/06/10 03:28:36 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011/06/10 03:28:36 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/06/10 03:28:36 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/06/10 03:28:34 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2011/06/10 03:28:34 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2011/06/10 03:28:26 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/06/10 03:28:26 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/06/10 03:28:26 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/06/10 03:28:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/06/10 03:27:59 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2011/06/10 03:27:59 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2011/06/10 03:27:59 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2011/06/10 03:27:57 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011/06/10 03:27:57 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011/06/10 03:27:57 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011/06/10 03:27:56 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011/06/10 03:27:45 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2011/06/10 03:27:45 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2011/06/10 03:27:43 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011/06/10 03:27:30 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2011/06/10 03:27:26 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011/06/10 03:27:26 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011/06/10 03:27:26 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011/06/10 03:27:26 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011/06/10 03:27:26 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011/06/10 03:27:26 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011/06/10 03:27:26 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011/06/10 03:27:19 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2011/06/10 03:27:18 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2011/06/10 03:27:17 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2011/06/10 03:27:17 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2011/06/10 03:27:15 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011/06/10 03:27:14 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2011/06/10 03:27:14 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2011/06/10 03:27:12 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011/06/10 03:27:12 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011/06/10 03:27:11 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011/06/10 03:27:11 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011/06/10 03:27:10 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2011/06/10 03:27:04 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011/06/10 03:27:04 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011/06/10 03:26:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2011/06/09 23:37:00 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\vlc
[2011/06/09 23:35:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/06/09 23:35:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011/06/09 23:27:17 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Apple Computer
[2011/06/09 23:27:17 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Apple Computer
[2011/06/09 23:27:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/09 23:27:04 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011/06/09 23:27:04 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011/06/09 23:27:04 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011/06/09 23:26:36 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011/06/09 23:26:36 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011/06/09 23:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/06/09 23:25:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/06/09 23:24:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/06/09 23:24:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/06/09 23:24:30 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Apple
[2011/06/09 23:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/06/09 23:24:14 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2011/06/09 23:24:01 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2011/06/09 23:24:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/06/09 23:23:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/06/09 23:23:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011/06/09 23:21:45 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\WinRAR
[2011/06/09 23:21:45 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/09 23:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/09 20:38:41 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\Documents\Stream Catcher
[2011/06/09 20:36:17 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Diagnostics
[2011/06/09 20:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\DATA BECKER Downloads
[2011/06/09 20:30:44 | 000,335,288 | ---- | C] (Protect Software GmbH) -- C:\Windows\SysNative\drivers\acedrv11.sys
[2011/06/09 20:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProtectDisc Driver Installer
[2011/06/09 20:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProtectDisc
[2011/06/09 20:30:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Components
[2011/06/09 20:30:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DATA BECKER
[2011/06/09 20:30:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared
[2011/06/09 20:30:34 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71.dll
[2011/06/09 20:30:34 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2011/06/09 20:12:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/06/09 20:09:59 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\DivX
[2011/06/09 20:09:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/06/09 20:09:39 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2011/06/09 20:09:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011/06/09 20:09:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011/06/09 20:09:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011/06/09 20:08:39 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011/06/09 19:58:56 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/06/09 19:57:59 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Apps
[2011/06/09 19:57:58 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Deployment
[2011/06/09 19:55:27 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Macromedia
[2011/06/09 19:55:27 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Adobe
[2011/06/09 19:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/06/09 19:53:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011/06/09 19:52:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011/06/09 19:52:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011/06/09 19:52:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/06/09 19:50:59 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2011/06/09 19:50:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011/06/09 19:50:29 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Microsoft Help
[2011/06/09 19:50:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/06/09 19:50:02 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/06/09 19:45:21 | 000,254,528 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011/06/09 19:45:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2011/06/09 19:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011/06/09 19:42:39 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\DAEMON Tools Lite
[2011/06/09 19:42:39 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011/06/09 19:35:05 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Google
[2011/06/09 19:35:05 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Google
[2011/06/09 19:33:13 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\ATI
[2011/06/09 19:33:13 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\ATI
[2011/06/09 19:32:38 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/06/09 19:32:38 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Searches
[2011/06/09 19:32:38 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/06/09 19:32:27 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Identities
[2011/06/09 19:32:23 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Contacts
[2011/06/09 19:32:20 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\VirtualStore
[2011/06/09 19:31:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/06/09 19:30:51 | 000,061,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2011/06/09 19:30:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/06/09 19:30:50 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2011/06/09 19:30:00 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2011/06/09 19:30:00 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2011/06/09 19:29:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/06/09 19:27:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2011/06/09 19:27:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/06/09 19:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2011/06/09 19:26:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/06/09 19:26:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/06/09 19:26:22 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/06/09 19:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011/06/09 19:23:27 | 000,000,000 | ---D | C] -- C:\ProgramData\OberonGameConsole
[2011/06/09 19:23:13 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\Documents\My Pictures
[2011/06/09 19:18:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Pack
[2011/06/09 19:18:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Oberon Media
[2011/06/09 19:18:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Game Pack
[2011/06/09 19:18:00 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Adobe
[2011/06/09 19:17:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/06/09 19:16:52 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
[2011/06/09 19:16:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2011/06/09 19:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Vorlagen
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\AppData\Local\Verlauf
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\AppData\Local\Temporary Internet Files
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Startmenü
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\SendTo
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Recent
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Netzwerkumgebung
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Lokale Einstellungen
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Documents\Eigene Videos
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Documents\Eigene Musik
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Eigene Dateien
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Documents\Eigene Bilder
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Druckumgebung
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Cookies
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\AppData\Local\Anwendungsdaten
[2011/06/09 19:15:13 | 000,000,000 | -HSD | C] -- C:\Users\Finanzamt\Anwendungsdaten
[2011/06/09 19:15:12 | 000,000,000 | --SD | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Videos
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Saved Games
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Pictures
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Music
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Links
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Favorites
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Downloads
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Documents
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\Desktop
[2011/06/09 19:15:12 | 000,000,000 | R--D | C] -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/06/09 19:15:12 | 000,000,000 | -H-D | C] -- C:\Users\Finanzamt\AppData
[2011/06/09 19:15:12 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Temp
[2011/06/09 19:15:12 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Local\Microsoft
[2011/06/09 19:15:12 | 000,000,000 | ---D | C] -- C:\Users\Finanzamt\AppData\Roaming\Media Center Programs
[2011/06/09 19:13:32 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011/06/09 19:13:32 | 000,000,000 | -HSD | C] -- C:\Programme
[2011/06/09 19:13:32 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2011/06/09 19:13:32 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011/06/09 19:13:31 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011/06/08 08:13:30 | 000,000,000 | ---D | C] -- C:\windiag

========== Files - Modified Within 30 Days ==========

[2011/06/19 11:03:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3457901039-3679683318-3372754741-1001UA.job
[2011/06/19 08:20:16 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/19 08:20:16 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/19 08:13:34 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2011/06/19 08:11:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/19 08:11:48 | 4081,635,328 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/19 07:32:24 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3457901039-3679683318-3372754741-1001Core.job
[2011/06/16 19:07:25 | 000,050,455 | ---- | M] () -- C:\Users\Finanzamt\Documents\Kinopark Aalen.pdf
[2011/06/16 18:24:20 | 000,419,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/16 17:28:36 | 000,002,425 | ---- | M] () -- C:\Users\Finanzamt\Desktop\Google Chrome.lnk
[2011/06/14 06:40:39 | 001,802,864 | ---- | M] () -- C:\Users\Finanzamt\Desktop\Kommunikation.pdf
[2011/06/11 23:22:54 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/11 23:22:54 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011/06/11 23:22:54 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/11 23:22:54 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011/06/11 23:22:54 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/11 18:33:53 | 004,787,762 | ---- | M] () -- C:\Users\Finanzamt\Desktop\610_06_mp_pmgt1.pdf
[2011/06/11 17:10:25 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2011/06/11 15:49:48 | 000,000,622 | ---- | M] () -- C:\Users\Finanzamt\Desktop\PDF Passwort Knacker 1.0.lnk
[2011/06/11 15:49:47 | 000,080,896 | ---- | M] () -- C:\Windows\cadkasdeinst01.exe
[2011/06/11 15:43:47 | 000,754,344 | ---- | M] () -- C:\Users\Finanzamt\Desktop\advancedpdf2word_trial.exe
[2011/06/11 15:40:35 | 000,000,586 | ---- | M] () -- C:\Users\Finanzamt\Desktop\Free PDF to Word Doc Converter.lnk
[2011/06/11 10:53:53 | 000,718,844 | ---- | M] () -- C:\Users\Finanzamt\Desktop\GlobalNetworking.png
[2011/06/10 20:27:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/06/10 10:09:24 | 000,045,241 | ---- | M] () -- C:\Users\Finanzamt\Documents\prüfungsplan.pdf
[2011/06/10 10:04:49 | 000,000,560 | ---- | M] () -- C:\Users\Finanzamt\Desktop\PDFCreator.lnk
[2011/06/09 23:35:23 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/06/09 20:44:23 | 007,531,487 | ---- | M] () -- C:\Users\Finanzamt\Desktop\MSD_0.655.rar
[2011/06/09 20:30:44 | 000,335,288 | ---- | M] (Protect Software GmbH) -- C:\Windows\SysNative\drivers\acedrv11.sys
[2011/06/09 20:30:36 | 000,001,612 | ---- | M] () -- C:\Users\Public\Desktop\Stream Catcher 2 FREE.lnk
[2011/06/09 20:12:27 | 000,001,448 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/09 20:10:15 | 000,001,621 | ---- | M] () -- C:\Users\Finanzamt\Desktop\DivX Movies.lnk
[2011/06/09 20:09:58 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2011/06/09 20:09:36 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2011/06/09 19:45:21 | 000,254,528 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011/06/09 19:44:57 | 000,000,708 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011/06/09 19:33:12 | 000,001,121 | ---- | M] () -- C:\Users\Finanzamt\Desktop\CyberLink YouCam.lnk
[2011/06/09 19:32:11 | 000,001,076 | ---- | M] () -- C:\Users\Finanzamt\Desktop\Ihre Meinung ist wichtig.lnk
[2011/06/09 19:23:38 | 000,002,074 | ---- | M] () -- C:\Users\Public\Desktop\Game Pack.lnk
[2011/06/09 19:23:38 | 000,000,033 | ---- | M] () -- C:\Windows\0
[2011/06/09 19:15:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\144D_SAMSUNG_N_R530_08JV.mrk
[2011/06/09 12:12:21 | 000,052,870 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/06/09 12:12:21 | 000,052,870 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/05/25 16:55:28 | 001,524,112 | ---- | M] () -- C:\Windows\SysWow64\bandoolmx.dll

========== Files Created - No Company Name ==========

[2011/06/16 19:07:23 | 000,050,455 | ---- | C] () -- C:\Users\Finanzamt\Documents\Kinopark Aalen.pdf
[2011/06/14 06:40:51 | 001,802,864 | ---- | C] () -- C:\Users\Finanzamt\Desktop\Kommunikation.pdf
[2011/06/12 07:30:48 | 002,137,707 | ---- | C] () -- C:\Users\Finanzamt\Desktop\383490290XPlanung.pdf
[2011/06/12 07:29:29 | 002,620,119 | ---- | C] () -- C:\Users\Finanzamt\Desktop\3834902225Scorecard.pdf
[2011/06/11 18:33:55 | 004,787,762 | ---- | C] () -- C:\Users\Finanzamt\Desktop\610_06_mp_pmgt1.pdf
[2011/06/11 17:11:25 | 001,524,112 | ---- | C] () -- C:\Windows\SysWow64\bandoolmx.dll
[2011/06/11 17:10:25 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2011/06/11 15:49:48 | 000,000,622 | ---- | C] () -- C:\Users\Finanzamt\Desktop\PDF Passwort Knacker 1.0.lnk
[2011/06/11 15:49:47 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2011/06/11 15:43:45 | 000,754,344 | ---- | C] () -- C:\Users\Finanzamt\Desktop\advancedpdf2word_trial.exe
[2011/06/11 15:40:35 | 000,000,586 | ---- | C] () -- C:\Users\Finanzamt\Desktop\Free PDF to Word Doc Converter.lnk
[2011/06/11 10:53:52 | 000,718,844 | ---- | C] () -- C:\Users\Finanzamt\Desktop\GlobalNetworking.png
[2011/06/10 20:27:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/06/10 10:09:38 | 000,045,241 | ---- | C] () -- C:\Users\Finanzamt\Documents\prüfungsplan.pdf
[2011/06/10 10:04:49 | 000,000,560 | ---- | C] () -- C:\Users\Finanzamt\Desktop\PDFCreator.lnk
[2011/06/10 10:04:45 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll
[2011/06/09 23:35:23 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/06/09 23:24:29 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/06/09 20:44:19 | 007,531,487 | ---- | C] () -- C:\Users\Finanzamt\Desktop\MSD_0.655.rar
[2011/06/09 20:30:36 | 000,001,612 | ---- | C] () -- C:\Users\Public\Desktop\Stream Catcher 2 FREE.lnk
[2011/06/09 20:12:26 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/09 20:12:26 | 000,001,448 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/06/09 20:10:15 | 000,001,621 | ---- | C] () -- C:\Users\Finanzamt\Desktop\DivX Movies.lnk
[2011/06/09 20:09:58 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2011/06/09 20:09:36 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2011/06/09 19:59:00 | 000,002,425 | ---- | C] () -- C:\Users\Finanzamt\Desktop\Google Chrome.lnk
[2011/06/09 19:58:28 | 000,001,136 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3457901039-3679683318-3372754741-1001UA.job
[2011/06/09 19:58:27 | 000,001,084 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3457901039-3679683318-3372754741-1001Core.job
[2011/06/09 19:44:57 | 000,000,708 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011/06/09 19:32:54 | 000,001,409 | ---- | C] () -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/06/09 19:32:48 | 000,001,443 | ---- | C] () -- C:\Users\Finanzamt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/06/09 19:32:11 | 000,001,076 | ---- | C] () -- C:\Users\Finanzamt\Desktop\Ihre Meinung ist wichtig.lnk
[2011/06/09 19:23:38 | 000,002,074 | ---- | C] () -- C:\Users\Public\Desktop\Game Pack.lnk
[2011/06/09 19:23:38 | 000,000,033 | ---- | C] () -- C:\Windows\0
[2011/06/09 19:18:32 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011/06/09 19:16:52 | 000,001,121 | ---- | C] () -- C:\Users\Finanzamt\Desktop\CyberLink YouCam.lnk
[2011/06/09 19:15:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\144D_SAMSUNG_N_R530_08JV.mrk
[2011/03/11 03:20:29 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/03/11 03:20:29 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2011/03/11 03:20:29 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2011/03/11 03:20:27 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011/03/11 03:20:25 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/06/01 19:03:25 | 000,002,110 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/06/01 18:56:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/06/01 03:58:24 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2010/06/01 03:12:53 | 000,001,612 | ---- | C] () -- C:\Windows\HotFixList.ini
[2010/06/01 03:04:55 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\Rezip.exe
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/07/13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 23:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 23:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >

wie gehts jetzz weiter??

markusg 19.06.2011 15:40
hi, gehts bitte genauer, problembeschreibung wäre nett.


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:30 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20