Trojaner-Board - Malewarebite meldet Infektion in Installationsdatei

O.k. loß geht es.

Nummer 1:

Code:

OTL logfile created on: 03.11.2013 19:32:46 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = G:\Eigene Dateien\Downloads

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1,99 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 72,81% Memory free

2,59 Gb Paging File | 2,19 Gb Available in Paging File | 84,41% Paging File free

Paging file location(s): C:\pagefile.sys 766 766 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = D:\Programme

Drive C: | 2,92 Gb Total Space | 0,55 Gb Free Space | 18,69% Space Free | Partition Type: FAT32

Drive D: | 11,98 Gb Total Space | 11,75 Gb Free Space | 98,01% Space Free | Partition Type: FAT32

Drive E: | 3,60 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Drive G: | 40,95 Gb Total Space | 28,12 Gb Free Space | 68,67% Space Free | Partition Type: FAT32

 

Computer Name: TABLET | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - G:\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)

PRC - D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

PRC - C:\WINDOWS\system32\WTablet\TabUserW.exe (Wacom Technology, Corp.)

PRC - C:\WINDOWS\system32\Tablet.exe (Wacom Technology, Corp.)

PRC - D:\Programme\Fujitsu\Utils\FjDspMon.exe (Fujitsu PC Corporation)

PRC - D:\Programme\Fingerprint Sensor\ATSwpNav.exe (AuthenTec, Inc.)

PRC - D:\Programme\Fujitsu\Utils\FjMnuIco.exe ()

PRC - D:\Programme\Fujitsu\Utils\FjIrKbAp.exe ()

PRC - D:\Programme\Fujitsu\Utils\FjEvents.exe (Fujitsu PC Corporation)

PRC - C:\WINDOWS\system32\digtizer.exe (WACOM)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - D:\Programme\Mozilla Firefox\mozjs.dll ()

MOD - D:\Programme\Fujitsu\Utils\FjMnuIco.exe ()

MOD - D:\Programme\Fujitsu\Utils\FjIrKbAp.exe ()

 

 
 ========== Services (SafeList) ==========

 

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found

SRV - (MozillaMaintenance) -- D:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (MBAMService) -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (MBAMScheduler) -- D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

SRV - (TabletService) -- C:\WINDOWS\system32\Tablet.exe (Wacom Technology, Corp.)

SRV - (Digitizer) -- C:\WINDOWS\system32\digtizer.exe (WACOM)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (WDICA) --  File not found

DRV - (PDRFRAME) --  File not found

DRV - (PDRELI) --  File not found

DRV - (PDFRAME) --  File not found

DRV - (PDCOMP) --  File not found

DRV - (PCIDump) --  File not found

DRV - (lbrtfdc) --  File not found

DRV - (i2omgmt) --  File not found

DRV - (Changer) --  File not found

DRV - (pwdrvio) -- C:\WINDOWS\system32\pwdrvio.sys ()

DRV - (pwdspio) -- C:\WINDOWS\system32\pwdspio.sys ()

DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)

DRV - (WacomISDPen) -- C:\WINDOWS\system32\drivers\wacomisdpen.sys (Wacom Technology)

DRV - (w29n51) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)

DRV - (ATSWPDRV) -- C:\WINDOWS\system32\drivers\ATSwpDrv.sys (AuthenTec, Inc.)

DRV - (hidpen) -- C:\WINDOWS\system32\drivers\hidpen.sys (Wacom Co., Ltd)

DRV - (Fjbtndrv) -- C:\WINDOWS\system32\drivers\FjBtndrv.sys (Fujitsu Computer Systems Corporation)

DRV - (SMCIRDA) -- C:\WINDOWS\system32\drivers\smcirda.sys (SMC)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\..\SearchScopes,DefaultScope = 

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Google"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "https://www.google.de/"

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0

FF - user.js - File not found

 

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Components: D:\Programme\Mozilla Firefox\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins

 

[2013.10.29 20:57:02 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions

[2013.10.29 20:57:02 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\tu8g0mie.default\extensions

[2013.10.29 20:25:42 | 000,000,000 | ---D | M] (No name found) -- D:\Programme\Mozilla Firefox\browser\extensions

[2013.10.29 20:25:42 | 000,000,000 | ---D | M] (Default) -- D:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2013.10.29 20:25:42 | 000,000,000 | ---D | M] (No name found) -- D:\Programme\Mozilla Firefox\distribution\extensions

[2013.10.29 20:25:42 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- D:\Programme\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

 

O1 HOSTS File: ([2002.12.31 12:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [ATSwpNav] D:\Programme\Fingerprint Sensor\ATSwpNav.exe (AuthenTec, Inc.)

O4 - HKLM..\Run: [FjDspMon] D:\Programme\Fujitsu\Utils\FjDspMon.exe (Fujitsu PC Corporation)

O4 - HKLM..\Run: [FjEvents] D:\Programme\Fujitsu\Utils\FjEvents.exe (Fujitsu PC Corporation)

O4 - HKLM..\Run: [Fujitsu Menu] D:\Programme\Fujitsu\Utils\FjMnuIco.exe ()

O4 - HKLM..\Run: [IR-KeyboardApp] D:\Programme\Fujitsu\Utils\FjIrKbAp.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CF42C820-03A7-4E1A-9F0A-A2ABAEE9ADBE}: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2013.10.29 17:49:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.11.03 09:09:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT

[2013.11.03 08:59:13 | 000,000,000 | ---D | C] -- C:\AdwCleaner

[2013.11.02 22:24:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Utils

[2013.11.02 22:15:00 | 000,000,000 | ---D | C] -- C:\FRST

[2013.11.02 22:12:21 | 001,089,445 | ---- | C] (Farbar) -- C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.exe

[2013.11.02 22:08:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\0D0S1L2Z1P1B

[2013.11.02 22:08:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google

[2013.11.01 03:53:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles

[2013.10.31 19:29:18 | 000,000,000 | ---D | C] -- G:\Eigene Dateien\Arbeitskopie

[2013.10.31 19:25:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN

[2013.10.31 19:25:24 | 000,000,000 | ---D | C] -- D:\Programme\VideoLAN

[2013.10.31 19:22:42 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly

[2013.10.31 19:22:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET

[2013.10.29 22:53:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt

[2013.10.29 22:00:40 | 000,102,400 | ---- | C] (WACOM) -- C:\WINDOWS\System32\digtizer.cpl

[2013.10.29 22:00:40 | 000,061,440 | ---- | C] (WACOM) -- C:\WINDOWS\System32\digtizer.exe

[2013.10.29 22:00:40 | 000,045,056 | ---- | C] (WACOM) -- C:\WINDOWS\System32\digusr.exe

[2013.10.29 22:00:40 | 000,045,056 | ---- | C] (WACOM) -- C:\WINDOWS\System32\digtiz32.dll

[2013.10.29 22:00:40 | 000,031,104 | ---- | C] (Wacom Co., Ltd) -- C:\WINDOWS\System32\drivers\hidpen.sys

[2013.10.29 22:00:40 | 000,000,000 | -H-D | C] -- D:\Programme\InstallShield Installation Information

[2013.10.29 22:00:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Drivers

[2013.10.29 22:00:02 | 000,000,000 | ---D | C] -- D:\Programme\Fujitsu

[2013.10.29 21:58:19 | 000,176,128 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll

[2013.10.29 21:58:19 | 000,000,000 | ---D | C] -- D:\Programme\AuthenTec

[2013.10.29 21:56:30 | 003,276,800 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxress.dll

[2013.10.29 21:56:30 | 002,363,392 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\iglicd32.dll

[2013.10.29 21:56:30 | 002,262,528 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdx32.dll

[2013.10.29 21:56:30 | 001,442,848 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdv32.dll

[2013.10.29 21:56:30 | 000,454,656 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igldev32.dll

[2013.10.29 21:56:30 | 000,450,560 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcfg.exe

[2013.10.29 21:56:30 | 000,312,320 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difx32.dll

[2013.10.29 21:56:30 | 000,176,128 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc

[2013.10.29 21:56:30 | 000,176,128 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdeu.lrc

[2013.10.29 21:56:30 | 000,172,032 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc

[2013.10.29 21:56:30 | 000,172,032 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrita.lrc

[2013.10.29 21:56:30 | 000,172,032 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxresp.lrc

[2013.10.29 21:56:30 | 000,167,936 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc

[2013.10.29 21:56:30 | 000,167,936 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfra.lrc

[2013.10.29 21:56:30 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc

[2013.10.29 21:56:30 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc

[2013.10.29 21:56:30 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptb.lrc

[2013.10.29 21:56:30 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc

[2013.10.29 21:56:30 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxpph.dll

[2013.10.29 21:56:30 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc

[2013.10.29 21:56:30 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc

[2013.10.29 21:56:30 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc

[2013.10.29 21:56:30 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc

[2013.10.29 21:56:30 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc

[2013.10.29 21:56:30 | 000,155,648 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc

[2013.10.29 21:56:30 | 000,155,648 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrenu.lrc

[2013.10.29 21:56:30 | 000,147,456 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtha.lrc

[2013.10.29 21:56:30 | 000,146,432 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpgd32.dll

[2013.10.29 21:56:30 | 000,143,360 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc

[2013.10.29 21:56:30 | 000,139,264 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc

[2013.10.29 21:56:30 | 000,114,688 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrkor.lrc

[2013.10.29 21:56:30 | 000,114,688 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrjpn.lrc

[2013.10.29 21:56:30 | 000,106,496 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxzoom.exe

[2013.10.29 21:56:30 | 000,098,304 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcht.lrc

[2013.10.29 21:56:30 | 000,098,304 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrchs.lrc

[2013.10.29 21:56:30 | 000,098,304 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdo.dll

[2013.10.29 21:56:30 | 000,094,208 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl

[2013.10.29 21:56:30 | 000,081,920 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll

[2013.10.29 21:56:30 | 000,057,344 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\oemdspif.dll

[2013.10.29 21:56:30 | 000,053,248 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxprd32.dll

[2013.10.29 21:56:30 | 000,044,032 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.dll

[2013.10.29 21:56:30 | 000,023,552 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxexps.dll

[2013.10.29 21:56:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE

[2013.10.29 21:56:26 | 000,364,544 | R--- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\igxpun.exe

[2013.10.29 21:56:26 | 000,312,320 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll

[2013.10.29 21:56:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang

[2013.10.29 21:55:25 | 000,000,000 | ---D | C] -- D:\Programme\Fingerprint Sensor

[2013.10.29 21:34:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\WTablet

[2013.10.29 21:33:56 | 001,404,928 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\PenTablet.cpl

[2013.10.29 21:33:56 | 000,000,000 | ---D | C] -- D:\Programme\Tablett

[2013.10.29 21:33:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Tablett

[2013.10.29 21:33:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WTablet

[2013.10.29 21:33:41 | 000,942,080 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Tablet.exe

[2013.10.29 21:33:41 | 000,135,168 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Wintab32.dll

[2013.10.29 21:33:39 | 000,000,000 | ---D | C] -- D:\Programme\Tablet

[2013.10.29 21:20:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fujitsu

[2013.10.29 21:05:47 | 000,000,000 | ---D | C] -- C:\fujitsu

[2013.10.29 21:05:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations

[2013.10.29 20:59:57 | 000,000,000 | ---D | C] -- G:\Eigene Dateien\Downloads

[2013.10.29 20:53:05 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys

[2013.10.29 20:53:03 | 000,012,672 | R--- | C] (Fujitsu Computer Systems Corporation) -- C:\WINDOWS\System32\drivers\FjBtndrv.sys

[2013.10.29 20:26:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups

[2013.10.29 20:26:09 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\InstallShield

[2013.10.29 20:25:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Mozilla

[2013.10.29 20:25:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla

[2013.10.29 20:25:42 | 000,000,000 | ---D | C] -- D:\Programme\Mozilla Maintenance Service

[2013.10.29 20:25:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla

[2013.10.29 20:25:39 | 000,000,000 | ---D | C] -- D:\Programme\Mozilla Firefox

[2013.10.29 20:12:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes

[2013.10.29 20:11:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2013.10.29 20:11:53 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2013.10.29 20:11:53 | 000,000,000 | ---D | C] -- D:\Programme\Malwarebytes' Anti-Malware

[2013.10.29 20:08:32 | 003,298,432 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\w29n51.sys

[2013.10.29 20:08:32 | 001,671,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\w29mlres.dll

[2013.10.29 20:08:32 | 000,466,944 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\w29NCPA.dll

[2013.10.29 20:08:32 | 000,000,000 | ---D | C] -- D:\Programme\Intel

[2013.10.29 19:55:57 | 000,000,000 | ---D | C] -- D:\Programme\xerox

[2013.10.29 19:55:54 | 000,000,000 | ---D | C] -- D:\Programme\outlook express

[2013.10.29 19:55:54 | 000,000,000 | ---D | C] -- D:\Programme\movie maker

[2013.10.29 19:55:53 | 000,000,000 | ---D | C] -- D:\Programme\windows nt

[2013.10.29 19:55:53 | 000,000,000 | ---D | C] -- D:\Programme\windows media player

[2013.10.29 19:55:53 | 000,000,000 | ---D | C] -- D:\Programme\netmeeting

[2013.10.29 19:55:53 | 000,000,000 | ---D | C] -- D:\Programme\msn gaming zone

[2013.10.29 19:55:53 | 000,000,000 | ---D | C] -- D:\Programme\microsoft frontpage

[2013.10.29 19:55:53 | 000,000,000 | ---D | C] -- D:\Programme\internet explorer

[2013.10.29 19:54:29 | 000,000,000 | -HSD | C] -- C:\Recycled

[2013.10.29 19:44:48 | 000,000,000 | R--D | C] -- G:\Eigene Dateien\Eigene Musik

[2013.10.29 19:44:48 | 000,000,000 | R--D | C] -- G:\Eigene Dateien\Eigene Bilder

[2013.10.29 19:34:12 | 000,000,000 | ---D | C] -- C:\Installationsdateien

[2013.10.29 19:31:24 | 000,000,000 | -HSD | C] -- C:\FOUND.000

[2013.10.29 19:10:31 | 000,000,000 | ---D | C] -- C:\treiber

[2013.10.29 17:59:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Identities

[2013.10.29 17:59:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien

[2013.10.29 17:59:41 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft

[2013.10.29 17:59:41 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\Cookies

[2013.10.29 17:59:41 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\SendTo

[2013.10.29 17:59:41 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent

[2013.10.29 17:59:41 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten

[2013.10.29 17:59:41 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Zubehör

[2013.10.29 17:59:41 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü

[2013.10.29 17:59:41 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Favoriten

[2013.10.29 17:59:41 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart

[2013.10.29 17:59:41 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Vorlagen

[2013.10.29 17:59:41 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Netzwerkumgebung

[2013.10.29 17:59:41 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen

[2013.10.29 17:59:41 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Druckumgebung

[2013.10.29 17:59:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft

[2013.10.29 17:59:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop

[2013.10.29 17:52:39 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[2013.10.29 17:52:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution

[2013.10.29 17:52:37 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft

[2013.10.29 17:52:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2013.10.29 17:52:35 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Microsoft

[2013.10.29 17:52:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Microsoft

[2013.10.29 17:51:12 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Microsoft

[2013.10.29 17:51:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Microsoft

[2013.10.29 17:49:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom

[2013.10.29 17:48:39 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll

[2013.10.29 17:47:52 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\DRM

[2013.10.29 17:47:40 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files

[2013.10.29 17:47:40 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages

[2013.10.29 17:47:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX

[2013.10.29 17:46:43 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll

[2013.10.29 17:46:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll

[2013.10.29 17:46:32 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll

[2013.10.29 17:46:32 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Dienste

[2013.10.29 17:46:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll

[2013.10.29 17:46:29 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks

[2013.10.29 17:46:28 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MSSoap

[2013.10.29 17:46:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst

[2013.10.29 17:46:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed

[2013.10.29 17:46:20 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll

[2013.10.29 17:46:20 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll

[2013.10.29 17:46:19 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll

[2013.10.29 17:46:19 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe

[2013.10.29 17:46:19 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll

[2013.10.29 17:46:19 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll

[2013.10.29 17:46:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll

[2013.10.29 17:46:18 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll

[2013.10.29 17:46:11 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll

[2013.10.29 17:46:11 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll

[2013.10.29 17:46:10 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll

[2013.10.29 17:46:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll

[2013.10.29 17:46:07 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe

[2013.10.29 17:46:06 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll

[2013.10.29 17:46:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore

[2013.10.29 17:46:05 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll

[2013.10.29 17:46:05 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll

[2013.10.29 17:46:05 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll

[2013.10.29 17:46:05 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll

[2013.10.29 17:46:05 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll

[2013.10.29 17:46:02 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll

[2013.10.29 17:46:02 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll

[2013.10.29 17:46:01 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll

[2013.10.29 17:45:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll

[2013.10.29 17:45:58 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll

[2013.10.29 17:45:58 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll

[2013.10.29 17:45:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe

[2013.10.29 17:45:57 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll

[2013.10.29 17:45:51 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\System

[2013.10.29 17:45:45 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Bilder

[2013.10.29 17:45:19 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Spiele

[2013.10.29 17:44:56 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Verwaltung

[2013.10.29 17:44:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration

[2013.10.29 17:44:48 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Musik

[2013.10.29 17:44:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe

[2013.10.29 17:44:29 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe

[2013.10.29 17:44:29 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll

[2013.10.29 17:44:28 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll

[2013.10.29 17:44:28 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll

[2013.10.29 17:44:28 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe

[2013.10.29 17:44:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll

[2013.10.29 17:44:21 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll

[2013.10.29 17:44:20 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe

[2013.10.29 17:44:20 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe

[2013.10.29 17:44:19 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe

[2013.10.29 17:44:18 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe

[2013.10.29 17:44:18 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe

[2013.10.29 17:44:18 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe

[2013.10.29 17:44:18 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe

[2013.10.29 17:44:18 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe

[2013.10.29 17:44:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe

[2013.10.29 17:44:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe

[2013.10.29 17:44:18 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe

[2013.10.29 17:44:18 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe

[2013.10.29 17:44:18 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe

[2013.10.29 17:44:18 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll

[2013.10.29 17:44:17 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe

[2013.10.29 17:44:17 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll

[2013.10.29 17:44:16 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll

[2013.10.29 17:44:16 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll

[2013.10.29 17:44:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll

[2013.10.29 17:44:16 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll

[2013.10.29 17:44:16 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll

[2013.10.29 17:44:16 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe

[2013.10.29 17:44:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll

[2013.10.29 17:44:15 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll

[2013.10.29 17:44:01 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe

[2013.10.29 17:44:01 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe

[2013.10.29 17:44:01 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe

[2013.10.29 17:44:01 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl

[2013.10.29 17:44:00 | 000,354,304 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll

[2013.10.29 17:44:00 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe

[2013.10.29 17:43:59 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe

[2013.10.29 17:43:59 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll

[2013.10.29 17:43:58 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll

[2013.10.29 17:43:58 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe

[2013.10.29 17:43:58 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe

[2013.10.29 17:43:57 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll

[2013.10.29 17:43:57 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe

[2013.10.29 17:43:57 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe

[2013.10.29 17:43:57 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll

[2013.10.29 17:43:57 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe

[2013.10.29 17:43:57 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll

[2013.10.29 17:43:56 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll

[2013.10.29 17:43:56 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll

[2013.10.29 17:43:56 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll

[2013.10.29 17:43:56 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll

[2013.10.29 17:43:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc

[2013.10.29 17:43:55 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll

[2013.10.29 17:43:54 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll

[2013.10.29 17:43:54 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll

[2013.10.29 17:43:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com

[2013.10.29 17:43:53 | 000,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll

[2013.10.29 17:43:47 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll

[2013.10.29 17:43:47 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll

[2013.10.29 17:43:46 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll

[2013.10.29 17:43:44 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll

[2013.10.29 17:43:40 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Videos

[2013.10.29 17:43:18 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Zubehör

[2013.10.29 17:38:15 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe

[2013.10.29 17:38:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll

[2013.10.29 17:38:13 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\drivers\smcirda.sys

[2013.10.29 17:37:59 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys

[2013.10.29 17:37:34 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll

[2013.10.29 17:37:27 | 000,016,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys

[2013.10.29 17:36:27 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer

[2013.10.29 17:36:26 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ODBC

[2013.10.29 17:36:22 | 000,000,000 | R--D | C] -- C:\Programme

[2013.10.29 17:36:22 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\SpeechEngines

[2013.10.29 17:36:22 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared

[2013.10.29 17:36:18 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll

[2013.10.29 17:36:18 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll

[2013.10.29 17:36:18 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll

[2013.10.29 17:36:14 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll

[2013.10.29 17:36:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll

[2013.10.29 17:36:14 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll

[2013.10.29 17:36:14 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll

[2013.10.29 17:36:14 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll

[2013.10.29 17:36:14 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll

[2013.10.29 17:36:13 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll

[2013.10.29 17:36:12 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll

[2013.10.29 17:36:12 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll

[2013.10.29 17:36:12 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll

[2013.10.29 17:36:12 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll

[2013.10.29 17:36:12 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll

[2013.10.29 17:36:10 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll

[2013.10.29 17:36:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll

[2013.10.29 17:36:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll

[2013.10.29 17:36:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll

[2013.10.29 17:36:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll

[2013.10.29 17:36:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll

[2013.10.29 17:36:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll

[2013.10.29 17:36:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll

[2013.10.29 17:36:10 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll

[2013.10.29 17:36:10 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll

[2013.10.29 17:36:10 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll

[2013.10.29 17:36:09 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll

[2013.10.29 17:36:09 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL

[2013.10.29 17:36:07 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll

[2013.10.29 17:36:07 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll

[2013.10.29 17:36:07 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll

[2013.10.29 17:36:07 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll

[2013.10.29 17:36:06 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll

[2013.10.29 17:36:06 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL

[2013.10.29 17:36:06 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV

[2013.10.29 17:36:06 | 000,009,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL

[2013.10.29 17:36:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL

[2013.10.29 17:36:06 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV

[2013.10.29 17:36:06 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV

[2013.10.29 17:36:06 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV

[2013.10.29 17:36:06 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV

[2013.10.29 17:36:05 | 000,127,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL

[2013.10.29 17:36:05 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL

[2013.10.29 17:36:05 | 000,073,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV

[2013.10.29 17:36:05 | 000,033,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL

[2013.10.29 17:36:05 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV

[2013.10.29 17:36:05 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV

[2013.10.29 17:36:05 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL

[2013.10.29 17:36:05 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL

[2013.10.29 17:36:05 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV

[2013.10.29 17:36:05 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV

[2013.10.29 17:36:05 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK

[2013.10.29 17:36:04 | 000,109,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL

[2013.10.29 17:36:04 | 000,070,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL

[2013.10.29 17:36:04 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE

[2013.10.29 17:36:04 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll

[2013.10.29 17:36:03 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV

[2013.10.29 17:36:03 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL

[2013.10.29 17:36:00 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll

[2013.10.29 17:35:52 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü

[2013.10.29 17:35:52 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente

[2013.10.29 17:35:52 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart

[2013.10.29 17:35:52 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Vorlagen

[2013.10.29 17:35:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Favoriten

[2013.10.29 17:35:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Desktop

[2013.10.29 17:35:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2

[2013.10.29 17:35:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot

[2013.10.29 17:35:30 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft

[2013.10.29 17:35:30 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten

[2013.10.29 17:35:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen

[2013.10.29 17:29:28 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts

[2013.10.29 17:29:28 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache

[2013.10.29 17:29:28 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web

[2013.10.29 17:29:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\system

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\security

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\java

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.11.03 18:50:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013.11.03 08:58:46 | 001,060,070 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\adwcleaner.exe

[2013.11.02 22:59:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013.11.02 22:14:14 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\defogger_reenable

[2013.11.02 22:12:22 | 001,089,445 | ---- | M] (Farbar) -- C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.exe

[2013.10.31 19:25:44 | 000,000,524 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk

[2013.10.31 19:24:36 | 000,405,692 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2013.10.31 19:24:36 | 000,392,630 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013.10.31 19:24:36 | 000,070,976 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2013.10.31 19:24:36 | 000,058,930 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013.10.29 20:25:44 | 000,000,515 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

[2013.10.29 19:40:00 | 000,001,148 | ---- | M] () -- C:\WINDOWS\PWCMDLST.BAK

[2013.10.29 19:35:22 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[2013.10.29 17:59:30 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013.10.29 17:51:16 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD

[2013.10.29 17:50:12 | 000,004,438 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013.10.29 17:50:06 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf

[2013.10.29 17:49:02 | 000,002,951 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2013.10.29 17:49:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2013.10.29 17:49:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2013.10.29 17:49:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2013.10.29 17:49:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2013.10.29 17:48:52 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx

[2013.10.29 17:48:52 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2013.10.29 17:48:52 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2013.10.29 17:48:40 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI

[2013.10.29 17:45:20 | 000,021,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2013.11.03 08:58:41 | 001,060,070 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\adwcleaner.exe

[2013.11.02 22:14:12 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\defogger_reenable

[2013.10.31 19:25:43 | 000,000,524 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk

[2013.10.29 21:56:30 | 000,655,842 | R--- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa

[2013.10.29 21:56:30 | 000,200,704 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4704.dll

[2013.10.29 21:56:30 | 000,023,632 | R--- | C] () -- C:\WINDOWS\System32\igxpxs32.vp

[2013.10.29 21:56:30 | 000,002,096 | R--- | C] () -- C:\WINDOWS\System32\igxpxk32.vp

[2013.10.29 21:56:30 | 000,000,929 | R--- | C] () -- C:\WINDOWS\System32\igxpxa32.vp

[2013.10.29 21:56:26 | 000,121,232 | R--- | C] () -- C:\WINDOWS\System32\IScrNBR.bmp

[2013.10.29 21:56:26 | 000,121,232 | R--- | C] () -- C:\WINDOWS\System32\IScrNB.bmp

[2013.10.29 21:33:56 | 001,626,122 | ---- | C] () -- C:\WINDOWS\System32\PenTablet.znc

[2013.10.29 20:25:43 | 000,000,515 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk

[2013.10.29 20:25:43 | 000,000,515 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

[2013.10.29 20:08:32 | 000,000,023 | ---- | C] () -- C:\WINDOWS\System32\drivers\verfile.tic

[2013.10.29 19:39:58 | 000,001,148 | ---- | C] () -- C:\WINDOWS\PWCMDLST.BAK

[2013.10.29 19:35:21 | 002,881,848 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe

[2013.10.29 19:35:20 | 000,015,688 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys

[2013.10.29 19:35:20 | 000,010,320 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys

[2013.10.29 17:59:41 | 000,001,503 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Remoteunterstützung.lnk

[2013.10.29 17:51:15 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD

[2013.10.29 17:50:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2013.10.29 17:49:00 | 000,002,951 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT

[2013.10.29 17:49:00 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS

[2013.10.29 17:49:00 | 000,000,000 | RHS- | C] () -- C:\IO.SYS

[2013.10.29 17:49:00 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS

[2013.10.29 17:49:00 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT

[2013.10.29 17:48:50 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb

[2013.10.29 17:48:50 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb

[2013.10.29 17:48:49 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx

[2013.10.29 17:46:41 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp

[2013.10.29 17:46:41 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp

[2013.10.29 17:45:18 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2013.10.29 17:44:19 | 000,001,237 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd

[2013.10.29 17:44:18 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h

[2013.10.29 17:44:17 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h

[2013.10.29 17:44:10 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

[2013.10.29 17:36:30 | 000,004,438 | ---- | C] () -- C:\WINDOWS\imsins.BAK

[2013.10.29 17:36:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2013.10.29 17:36:04 | 000,001,806 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT

[2013.10.29 17:35:51 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT

[2013.10.29 17:35:51 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat

[2013.10.29 17:35:51 | 000,103,124 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat

[2013.10.29 17:35:51 | 000,041,270 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT

[2013.10.29 17:35:51 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat

[2013.10.29 17:35:51 | 000,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT

[2013.10.29 17:35:51 | 000,018,989 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat

[2013.10.29 17:35:51 | 000,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT

[2013.10.29 17:35:51 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT

[2013.10.29 17:35:51 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat

[2013.10.29 17:35:51 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT

[2013.10.29 17:35:51 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT

[2013.10.29 17:35:51 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT

[2013.10.29 17:35:51 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat

[2013.10.29 17:35:51 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT

[2013.10.29 17:35:50 | 001,899,936 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT

[2013.10.29 17:35:50 | 001,014,663 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT

[2013.10.29 17:35:50 | 000,817,199 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT

[2013.10.29 17:35:50 | 000,618,406 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT

[2013.10.29 17:35:04 | 000,090,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013.10.29 17:33:57 | 000,000,211 | -HS- | C] () -- C:\boot.ini

[2013.10.29 17:33:52 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

 
 ========== ZeroAccess Check ==========

 

[2013.10.31 19:22:44 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2002.12.31 12:00:00 | 001,483,776 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2002.12.31 13:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2002.12.31 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both
 

< End of report >

und Nummer 2

Code:

OTL Extras logfile created on: 03.11.2013 19:32:46 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = G:\Eigene Dateien\Downloads

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1,99 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 72,81% Memory free

2,59 Gb Paging File | 2,19 Gb Available in Paging File | 84,41% Paging File free

Paging file location(s): C:\pagefile.sys 766 766 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = D:\Programme

Drive C: | 2,92 Gb Total Space | 0,55 Gb Free Space | 18,69% Space Free | Partition Type: FAT32

Drive D: | 11,98 Gb Total Space | 11,75 Gb Free Space | 98,01% Space Free | Partition Type: FAT32

Drive E: | 3,60 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Drive G: | 40,95 Gb Total Space | 28,12 Gb Free Space | 68,67% Space Free | Partition Type: FAT32

 

Computer Name: TABLET | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.html [@ = htmlfile] -- C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Programme\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)

htmlfile [opennew] -- "C:\Programme\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Programme\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)

https [open] -- "C:\Programme\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)

InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Programme\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Programme\Internet Explorer\iexplore.exe" (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

"DisableNotifications" = 0

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"D:\Programme\Malwarebytes' Anti-Malware\mbam.exe" = D:\Programme\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes Anti-Malware -- (Malwarebytes Corporation)

"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Home Edition 8.1.1

"{0DEB8B99-21A8-4ED7-B02B-55B4B31816EC}" = Fujitsu Button Driver Component

"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{5337BED2-73A0-4EB8-A33C-91DFD4C2F82D}" = Fujitsu Pen Service

"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{E1D78C08-3477-470B-82B7-61BD4F63110B}" = Fingerprint Sensor Minimum Install

"{F94FD9EE-B0A7-47BE-8C96-72F693BE4299}" = Fujitsu Button Utilities

"HDMI" = Intel(R) Graphics Media Accelerator Driver

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300

"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0

"Mozilla Firefox 23.0 (x86 de)" = Mozilla Firefox 23.0 (x86 de)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"Tablet Driver" = Tablett

"VLC media player" = VLC media player 1.1.5

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Zip Extractor Packages" = Zip Extractor Packages

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 02.11.2013 17:21:56 | Computer Name = TABLET | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung frst.exe, Version 3.3.8.1, fehlgeschlagenes

 Modul ntdll.dll, Version 5.1.2600.2180, Fehleradresse 0x0002e12a.

 

Error - 02.11.2013 17:23:17 | Computer Name = TABLET | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung frst.exe, Version 3.3.8.1, fehlgeschlagenes

 Modul ntdll.dll, Version 5.1.2600.2180, Fehleradresse 0x0002e12a.

 

Error - 02.11.2013 18:00:53 | Computer Name = TABLET | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung frst.exe, Version 3.3.8.1, fehlgeschlagenes

 Modul ntdll.dll, Version 5.1.2600.2180, Fehleradresse 0x0002e12a.

 

Error - 03.11.2013 04:19:13 | Computer Name = TABLET | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung frst.exe, Version 3.3.8.1, fehlgeschlagenes

 Modul ntdll.dll, Version 5.1.2600.2180, Fehleradresse 0x0002e12a.

 

Error - 03.11.2013 04:19:52 | Computer Name = TABLET | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung frst.exe, Version 3.3.8.1, fehlgeschlagenes

 Modul ntdll.dll, Version 5.1.2600.2180, Fehleradresse 0x0002e12a.

 

Error - 03.11.2013 04:21:43 | Computer Name = TABLET | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung frst.exe, Version 3.3.8.1, fehlgeschlagenes

 Modul ntdll.dll, Version 5.1.2600.2180, Fehleradresse 0x0002e12a.

 

Error - 03.11.2013 04:23:50 | Computer Name = TABLET | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung frst.exe, Version 3.3.8.1, fehlgeschlagenes

 Modul ntdll.dll, Version 5.1.2600.2180, Fehleradresse 0x0002e12a.

 

Error - 03.11.2013 04:24:37 | Computer Name = TABLET | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung frst.exe, Version 3.3.8.1, fehlgeschlagenes

 Modul ntdll.dll, Version 5.1.2600.2180, Fehleradresse 0x0002e12a.

 

Error - 03.11.2013 04:25:18 | Computer Name = TABLET | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung frst.exe, Version 3.3.8.1, fehlgeschlagenes

 Modul ntdll.dll, Version 5.1.2600.2180, Fehleradresse 0x0002e12a.

 

Error - 03.11.2013 04:31:22 | Computer Name = TABLET | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung frst.exe, Version 3.3.8.1, fehlgeschlagenes

 Modul ntdll.dll, Version 5.1.2600.2180, Fehleradresse 0x0002e12a.

 

[ System Events ]

Error - 29.10.2013 17:52:47 | Computer Name = TABLET | Source = SideBySide | ID = 16842811

Description = Generate Activation Context ist für C:\WINDOWS\system32\PenTablet.cpl

 fehlgeschlagen.  Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet.  .

 

Error - 29.10.2013 17:56:37 | Computer Name = TABLET | Source = Service Control Manager | ID = 7023

Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1460

 

Error - 31.10.2013 14:21:18 | Computer Name = TABLET | Source = Service Control Manager | ID = 7023

Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1460

 

Error - 02.11.2013 18:00:42 | Computer Name = TABLET | Source = Service Control Manager | ID = 7026

Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:

   PCIIde

 

Error - 02.11.2013 18:04:39 | Computer Name = TABLET | Source = Service Control Manager | ID = 7023

Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1460

 

Error - 02.11.2013 18:18:47 | Computer Name = TABLET | Source = Service Control Manager | ID = 7026

Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:

   PCIIde

 

Error - 02.11.2013 18:22:33 | Computer Name = TABLET | Source = Service Control Manager | ID = 7023

Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1460

 

Error - 03.11.2013 04:02:24 | Computer Name = TABLET | Source = Service Control Manager | ID = 7023

Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1460

 

Error - 03.11.2013 04:11:52 | Computer Name = TABLET | Source = Service Control Manager | ID = 7023

Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1460

 

Error - 03.11.2013 04:34:31 | Computer Name = TABLET | Source = Service Control Manager | ID = 7023

Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1460

 

 

< End of report >

Na dann mal los:

Code:

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=302f407bcd5b354f973356d95cb0849b

# engine=15742

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=false

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2013-11-04 02:24:16

# local_time=2013-11-04 03:24:16 (+0100, Westeuropäische Normalzeit)

# country="Germany"

# lang=1033

# osver=5.1.2600 NT Service Pack 2

# scanned=11397

# found=8

# cleaned=0

# scan_time=1926

sh=F5D5227CB3567C26FAD4D70836736F644AA618F5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen virus" ac=I fn="C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5\11AWSHV3\member[1].htm"

sh=307BEF44C997BDA8024EEA721DEC36F354835DFF ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen virus" ac=I fn="C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5\ECEWTR46\member[2].htm"

sh=CB1A1C278163A2E2D7DE9D466B85AC7E94ACF491 ft=0 fh=0000000000000000 vn="a variant of Win32/Injector.AMXL trojan" ac=I fn="G:\Eigene Dateien\Arbeitskopie\Microsoft Office 2010 Pro Plus Deutsch x86 SP1\Microsoft.Office.2010.Professional.Plus.rar"

sh=3A484964A5B27B52F2F82ABB18DE328298C77975 ft=0 fh=0000000000000000 vn="a variant of Win32/Injector.ANEX trojan" ac=I fn="G:\Eigene Dateien\Arbeitskopie\Microsoft Office 2010 Pro Plus Deutsch x86 SP1\Microsoft.Office.2010.Pro.Plus.VL.x86.rar"

sh=EB2194263C5DB0E01325C16F13B69642461D6BD6 ft=0 fh=0000000000000000 vn="a variant of Win32/Injector.AMXL trojan" ac=I fn="G:\Eigene Dateien\Arbeitskopie\Microsoft Office 2010 Pro Plus Deutsch x86 SP1\Microsoft.Office.2010.Professional.Plus.rar"

sh=7C3C42262ADAF1B585ECE8EEFEEC9EF3B18DA59D ft=0 fh=0000000000000000 vn="a variant of Win32/Injector.AMXL trojan" ac=I fn="G:\Eigene Dateien\Arbeitskopie\Microsoft Office 2010 Pro Plus Deutsch x86 SP1\Microsoft.Office.2010.Pro.Plus.x64.rar"

sh=8586A87204C6CB5B3F8D742A34342777ACB1FD60 ft=1 fh=c71c00115e22c36b vn="a variant of Win32/Injector.AMXL trojan" ac=I fn="G:\Eigene Dateien\Arbeitskopie\Microsoft Office 2010 Pro Plus Deutsch x86 SP1\Microsoft.Office.2010.Pro.Plus.x86.exe"

sh=5F883232BE13BD2431CEF0A912EFEAE965F6532E ft=0 fh=0000000000000000 vn="Win32/Fynloski.AA trojan" ac=I fn="G:\Eigene Dateien\Arbeitskopie\Adobe Photoshop CS6 v13 1 2 Extended\Adobe Photoshop CS6 v13.1.2 Extended\Adobe.Photoshop.CS6.iso"

Code:

 Results of screen317's Security Check version 0.99.74  

 Windows XP Service Pack 2 x86   

 Out of date service pack!! 

 Internet Explorer 6 Out of date! 
 ``````````````Antivirus/Firewall Check:`````````````` 

 Windows Security Center service is not running! This report may not be accurate! 

Warten Sie, w„hrend WMIC installiert wird. 

 WMI entry may not exist for antivirus; attempting automatic update. 
 `````````Anti-malware/Other Utilities Check:````````` 

 Malwarebytes Anti-Malware Version 1.75.0.1300  

 Mozilla Firefox (23.0) 
 ````````Process Check: objlist.exe by Laurent````````  

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbamgui.exe  

 Malwarebytes' Anti-Malware mbamscheduler.exe   
 `````````````````System Health check````````````````` 

 Total Fragmentation on Drive C::  
 ````````````````````End of Log``````````````````````

und

Code:

OTL logfile created on: 04.11.2013 15:34:29 - Run 2

OTL by OldTimer - Version 3.2.69.0     Folder = G:\Eigene Dateien\Downloads

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1,99 Gb Total Physical Memory | 1,41 Gb Available Physical Memory | 70,73% Memory free

2,59 Gb Paging File | 2,14 Gb Available in Paging File | 82,82% Paging File free

Paging file location(s): C:\pagefile.sys 766 766 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = D:\Programme

Drive C: | 2,92 Gb Total Space | 0,82 Gb Free Space | 28,21% Space Free | Partition Type: FAT32

Drive D: | 11,98 Gb Total Space | 11,64 Gb Free Space | 97,14% Space Free | Partition Type: FAT32

Drive E: | 3,60 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Drive G: | 40,95 Gb Total Space | 28,12 Gb Free Space | 68,68% Space Free | Partition Type: FAT32

 

Computer Name: TABLET | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - G:\Eigene Dateien\Downloads\SecurityCheck.exe ()

PRC - G:\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)

PRC - D:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

PRC - C:\WINDOWS\system32\WTablet\TabUserW.exe (Wacom Technology, Corp.)

PRC - C:\WINDOWS\system32\Tablet.exe (Wacom Technology, Corp.)

PRC - D:\Programme\Fujitsu\Utils\FjDspMon.exe (Fujitsu PC Corporation)

PRC - D:\Programme\Fingerprint Sensor\ATSwpNav.exe (AuthenTec, Inc.)

PRC - D:\Programme\Fujitsu\Utils\FjMnuIco.exe ()

PRC - D:\Programme\Fujitsu\Utils\FjIrKbAp.exe ()

PRC - D:\Programme\Fujitsu\Utils\FjEvents.exe (Fujitsu PC Corporation)

PRC - C:\WINDOWS\system32\digtizer.exe (WACOM)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\WINDOWS\system32\cmd.exe (Microsoft Corporation)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - G:\Eigene Dateien\Downloads\SecurityCheck.exe ()

MOD - D:\Programme\Mozilla Firefox\mozjs.dll ()

MOD - D:\Programme\Fujitsu\Utils\FjMnuIco.exe ()

MOD - D:\Programme\Fujitsu\Utils\FjIrKbAp.exe ()

 

 
 ========== Services (SafeList) ==========

 

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found

SRV - (MozillaMaintenance) -- D:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (MBAMService) -- D:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (MBAMScheduler) -- D:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)

SRV - (TabletService) -- C:\WINDOWS\system32\Tablet.exe (Wacom Technology, Corp.)

SRV - (Digitizer) -- C:\WINDOWS\system32\digtizer.exe (WACOM)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (WDICA) --  File not found

DRV - (PDRFRAME) --  File not found

DRV - (PDRELI) --  File not found

DRV - (PDFRAME) --  File not found

DRV - (PDCOMP) --  File not found

DRV - (PCIDump) --  File not found

DRV - (lbrtfdc) --  File not found

DRV - (i2omgmt) --  File not found

DRV - (Changer) --  File not found

DRV - (pwdrvio) -- C:\WINDOWS\system32\pwdrvio.sys ()

DRV - (pwdspio) -- C:\WINDOWS\system32\pwdspio.sys ()

DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)

DRV - (WacomISDPen) -- C:\WINDOWS\system32\drivers\wacomisdpen.sys (Wacom Technology)

DRV - (w29n51) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)

DRV - (ATSWPDRV) -- C:\WINDOWS\system32\drivers\ATSwpDrv.sys (AuthenTec, Inc.)

DRV - (hidpen) -- C:\WINDOWS\system32\drivers\hidpen.sys (Wacom Co., Ltd)

DRV - (Fjbtndrv) -- C:\WINDOWS\system32\drivers\FjBtndrv.sys (Fujitsu Computer Systems Corporation)

DRV - (SMCIRDA) -- C:\WINDOWS\system32\drivers\smcirda.sys (SMC)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\..\SearchScopes,DefaultScope = 

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Google"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "https://www.google.de/"

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0

FF - user.js - File not found

 

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Components: D:\Programme\Mozilla Firefox\components

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0\extensions\\Plugins: D:\Programme\Mozilla Firefox\plugins

 

[2013.10.29 20:57:02 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions

[2013.10.29 20:57:02 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\tu8g0mie.default\extensions

[2013.10.29 20:25:42 | 000,000,000 | ---D | M] (No name found) -- D:\Programme\Mozilla Firefox\browser\extensions

[2013.10.29 20:25:42 | 000,000,000 | ---D | M] (Default) -- D:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2013.10.29 20:25:42 | 000,000,000 | ---D | M] (No name found) -- D:\Programme\Mozilla Firefox\distribution\extensions

[2013.10.29 20:25:42 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- D:\Programme\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

 

O1 HOSTS File: ([2002.12.31 12:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [ATSwpNav] D:\Programme\Fingerprint Sensor\ATSwpNav.exe (AuthenTec, Inc.)

O4 - HKLM..\Run: [FjDspMon] D:\Programme\Fujitsu\Utils\FjDspMon.exe (Fujitsu PC Corporation)

O4 - HKLM..\Run: [FjEvents] D:\Programme\Fujitsu\Utils\FjEvents.exe (Fujitsu PC Corporation)

O4 - HKLM..\Run: [Fujitsu Menu] D:\Programme\Fujitsu\Utils\FjMnuIco.exe ()

O4 - HKLM..\Run: [IR-KeyboardApp] D:\Programme\Fujitsu\Utils\FjIrKbAp.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CF42C820-03A7-4E1A-9F0A-A2ABAEE9ADBE}: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2013.10.29 17:49:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.11.04 14:48:16 | 000,000,000 | ---D | C] -- D:\Programme\ESET

[2013.11.03 09:09:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT

[2013.11.03 08:59:13 | 000,000,000 | ---D | C] -- C:\AdwCleaner

[2013.11.02 22:24:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Utils

[2013.11.02 22:15:00 | 000,000,000 | ---D | C] -- C:\FRST

[2013.11.02 22:12:21 | 001,089,445 | ---- | C] (Farbar) -- C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.exe

[2013.11.02 22:08:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\0D0S1L2Z1P1B

[2013.11.02 22:08:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google

[2013.11.01 03:53:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles

[2013.10.31 19:29:18 | 000,000,000 | ---D | C] -- G:\Eigene Dateien\Arbeitskopie

[2013.10.31 19:25:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN

[2013.10.31 19:25:24 | 000,000,000 | ---D | C] -- D:\Programme\VideoLAN

[2013.10.31 19:22:42 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly

[2013.10.31 19:22:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET

[2013.10.29 22:53:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt

[2013.10.29 22:00:40 | 000,102,400 | ---- | C] (WACOM) -- C:\WINDOWS\System32\digtizer.cpl

[2013.10.29 22:00:40 | 000,061,440 | ---- | C] (WACOM) -- C:\WINDOWS\System32\digtizer.exe

[2013.10.29 22:00:40 | 000,045,056 | ---- | C] (WACOM) -- C:\WINDOWS\System32\digusr.exe

[2013.10.29 22:00:40 | 000,045,056 | ---- | C] (WACOM) -- C:\WINDOWS\System32\digtiz32.dll

[2013.10.29 22:00:40 | 000,031,104 | ---- | C] (Wacom Co., Ltd) -- C:\WINDOWS\System32\drivers\hidpen.sys

[2013.10.29 22:00:40 | 000,000,000 | -H-D | C] -- D:\Programme\InstallShield Installation Information

[2013.10.29 22:00:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Drivers

[2013.10.29 22:00:02 | 000,000,000 | ---D | C] -- D:\Programme\Fujitsu

[2013.10.29 21:58:19 | 000,176,128 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll

[2013.10.29 21:58:19 | 000,000,000 | ---D | C] -- D:\Programme\AuthenTec

[2013.10.29 21:56:30 | 003,276,800 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxress.dll

[2013.10.29 21:56:30 | 002,363,392 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\iglicd32.dll

[2013.10.29 21:56:30 | 002,262,528 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdx32.dll

[2013.10.29 21:56:30 | 001,442,848 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpdv32.dll

[2013.10.29 21:56:30 | 000,454,656 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igldev32.dll

[2013.10.29 21:56:30 | 000,450,560 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcfg.exe

[2013.10.29 21:56:30 | 000,312,320 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difx32.dll

[2013.10.29 21:56:30 | 000,176,128 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrell.lrc

[2013.10.29 21:56:30 | 000,176,128 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdeu.lrc

[2013.10.29 21:56:30 | 000,172,032 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnld.lrc

[2013.10.29 21:56:30 | 000,172,032 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrita.lrc

[2013.10.29 21:56:30 | 000,172,032 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxresp.lrc

[2013.10.29 21:56:30 | 000,167,936 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrhun.lrc

[2013.10.29 21:56:30 | 000,167,936 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfra.lrc

[2013.10.29 21:56:30 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrrus.lrc

[2013.10.29 21:56:30 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptg.lrc

[2013.10.29 21:56:30 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrptb.lrc

[2013.10.29 21:56:30 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrplk.lrc

[2013.10.29 21:56:30 | 000,163,840 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxpph.dll

[2013.10.29 21:56:30 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrsve.lrc

[2013.10.29 21:56:30 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrnor.lrc

[2013.10.29 21:56:30 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrfin.lrc

[2013.10.29 21:56:30 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrdan.lrc

[2013.10.29 21:56:30 | 000,159,744 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcsy.lrc

[2013.10.29 21:56:30 | 000,155,648 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtrk.lrc

[2013.10.29 21:56:30 | 000,155,648 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrenu.lrc

[2013.10.29 21:56:30 | 000,147,456 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrtha.lrc

[2013.10.29 21:56:30 | 000,146,432 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxpgd32.dll

[2013.10.29 21:56:30 | 000,143,360 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrara.lrc

[2013.10.29 21:56:30 | 000,139,264 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrheb.lrc

[2013.10.29 21:56:30 | 000,114,688 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrkor.lrc

[2013.10.29 21:56:30 | 000,114,688 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrjpn.lrc

[2013.10.29 21:56:30 | 000,106,496 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxzoom.exe

[2013.10.29 21:56:30 | 000,098,304 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrcht.lrc

[2013.10.29 21:56:30 | 000,098,304 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxrchs.lrc

[2013.10.29 21:56:30 | 000,098,304 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxdo.dll

[2013.10.29 21:56:30 | 000,094,208 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxcpl.cpl

[2013.10.29 21:56:30 | 000,081,920 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\hccutils.dll

[2013.10.29 21:56:30 | 000,057,344 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\oemdspif.dll

[2013.10.29 21:56:30 | 000,053,248 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igxprd32.dll

[2013.10.29 21:56:30 | 000,044,032 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxsrvc.dll

[2013.10.29 21:56:30 | 000,023,552 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxexps.dll

[2013.10.29 21:56:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE

[2013.10.29 21:56:26 | 000,364,544 | R--- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\igxpun.exe

[2013.10.29 21:56:26 | 000,312,320 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll

[2013.10.29 21:56:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang

[2013.10.29 21:55:25 | 000,000,000 | ---D | C] -- D:\Programme\Fingerprint Sensor

[2013.10.29 21:34:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\WTablet

[2013.10.29 21:33:56 | 001,404,928 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\PenTablet.cpl

[2013.10.29 21:33:56 | 000,000,000 | ---D | C] -- D:\Programme\Tablett

[2013.10.29 21:33:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Tablett

[2013.10.29 21:33:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WTablet

[2013.10.29 21:33:41 | 000,942,080 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Tablet.exe

[2013.10.29 21:33:41 | 000,135,168 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Wintab32.dll

[2013.10.29 21:33:39 | 000,000,000 | ---D | C] -- D:\Programme\Tablet

[2013.10.29 21:20:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fujitsu

[2013.10.29 21:05:47 | 000,000,000 | ---D | C] -- C:\fujitsu

[2013.10.29 21:05:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations

[2013.10.29 20:59:57 | 000,000,000 | ---D | C] -- G:\Eigene Dateien\Downloads

[2013.10.29 20:53:05 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys

[2013.10.29 20:53:03 | 000,012,672 | R--- | C] (Fujitsu Computer Systems Corporation) -- C:\WINDOWS\System32\drivers\FjBtndrv.sys

[2013.10.29 20:26:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups

[2013.10.29 20:26:09 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\InstallShield

[2013.10.29 20:25:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Mozilla

[2013.10.29 20:25:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla

[2013.10.29 20:25:42 | 000,000,000 | ---D | C] -- D:\Programme\Mozilla Maintenance Service

[2013.10.29 20:25:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla

[2013.10.29 20:25:39 | 000,000,000 | ---D | C] -- D:\Programme\Mozilla Firefox

[2013.10.29 20:12:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes

[2013.10.29 20:11:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2013.10.29 20:11:53 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2013.10.29 20:11:53 | 000,000,000 | ---D | C] -- D:\Programme\Malwarebytes' Anti-Malware

[2013.10.29 20:08:32 | 003,298,432 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\w29n51.sys

[2013.10.29 20:08:32 | 001,671,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\w29mlres.dll

[2013.10.29 20:08:32 | 000,466,944 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\w29NCPA.dll

[2013.10.29 20:08:32 | 000,000,000 | ---D | C] -- D:\Programme\Intel

[2013.10.29 19:55:57 | 000,000,000 | ---D | C] -- D:\Programme\xerox

[2013.10.29 19:55:54 | 000,000,000 | ---D | C] -- D:\Programme\outlook express

[2013.10.29 19:55:54 | 000,000,000 | ---D | C] -- D:\Programme\movie maker

[2013.10.29 19:55:53 | 000,000,000 | ---D | C] -- D:\Programme\windows nt

[2013.10.29 19:55:53 | 000,000,000 | ---D | C] -- D:\Programme\windows media player

[2013.10.29 19:55:53 | 000,000,000 | ---D | C] -- D:\Programme\netmeeting

[2013.10.29 19:55:53 | 000,000,000 | ---D | C] -- D:\Programme\msn gaming zone

[2013.10.29 19:55:53 | 000,000,000 | ---D | C] -- D:\Programme\microsoft frontpage

[2013.10.29 19:55:53 | 000,000,000 | ---D | C] -- D:\Programme\internet explorer

[2013.10.29 19:54:29 | 000,000,000 | -HSD | C] -- C:\Recycled

[2013.10.29 19:44:48 | 000,000,000 | R--D | C] -- G:\Eigene Dateien\Eigene Musik

[2013.10.29 19:44:48 | 000,000,000 | R--D | C] -- G:\Eigene Dateien\Eigene Bilder

[2013.10.29 19:34:12 | 000,000,000 | ---D | C] -- C:\Installationsdateien

[2013.10.29 19:31:24 | 000,000,000 | -HSD | C] -- C:\FOUND.000

[2013.10.29 19:10:31 | 000,000,000 | ---D | C] -- C:\treiber

[2013.10.29 17:59:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Identities

[2013.10.29 17:59:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien

[2013.10.29 17:59:41 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft

[2013.10.29 17:59:41 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\Cookies

[2013.10.29 17:59:41 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\SendTo

[2013.10.29 17:59:41 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent

[2013.10.29 17:59:41 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten

[2013.10.29 17:59:41 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Zubehör

[2013.10.29 17:59:41 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü

[2013.10.29 17:59:41 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Favoriten

[2013.10.29 17:59:41 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart

[2013.10.29 17:59:41 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Vorlagen

[2013.10.29 17:59:41 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Netzwerkumgebung

[2013.10.29 17:59:41 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen

[2013.10.29 17:59:41 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Druckumgebung

[2013.10.29 17:59:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft

[2013.10.29 17:59:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop

[2013.10.29 17:52:39 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[2013.10.29 17:52:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution

[2013.10.29 17:52:37 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft

[2013.10.29 17:52:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2013.10.29 17:52:35 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Microsoft

[2013.10.29 17:52:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Microsoft

[2013.10.29 17:51:12 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Microsoft

[2013.10.29 17:51:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Microsoft

[2013.10.29 17:49:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom

[2013.10.29 17:48:39 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll

[2013.10.29 17:47:52 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\DRM

[2013.10.29 17:47:40 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files

[2013.10.29 17:47:40 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages

[2013.10.29 17:47:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX

[2013.10.29 17:46:43 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll

[2013.10.29 17:46:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll

[2013.10.29 17:46:32 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll

[2013.10.29 17:46:32 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Dienste

[2013.10.29 17:46:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll

[2013.10.29 17:46:29 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks

[2013.10.29 17:46:28 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MSSoap

[2013.10.29 17:46:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst

[2013.10.29 17:46:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed

[2013.10.29 17:46:20 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll

[2013.10.29 17:46:20 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll

[2013.10.29 17:46:19 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll

[2013.10.29 17:46:19 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe

[2013.10.29 17:46:19 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll

[2013.10.29 17:46:19 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll

[2013.10.29 17:46:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll

[2013.10.29 17:46:18 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll

[2013.10.29 17:46:11 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll

[2013.10.29 17:46:11 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll

[2013.10.29 17:46:10 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll

[2013.10.29 17:46:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll

[2013.10.29 17:46:07 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe

[2013.10.29 17:46:06 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll

[2013.10.29 17:46:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore

[2013.10.29 17:46:05 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll

[2013.10.29 17:46:05 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll

[2013.10.29 17:46:05 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll

[2013.10.29 17:46:05 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll

[2013.10.29 17:46:05 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll

[2013.10.29 17:46:02 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll

[2013.10.29 17:46:02 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll

[2013.10.29 17:46:01 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll

[2013.10.29 17:45:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll

[2013.10.29 17:45:58 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll

[2013.10.29 17:45:58 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll

[2013.10.29 17:45:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe

[2013.10.29 17:45:57 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll

[2013.10.29 17:45:51 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\System

[2013.10.29 17:45:45 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Bilder

[2013.10.29 17:45:19 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Spiele

[2013.10.29 17:44:56 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Verwaltung

[2013.10.29 17:44:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration

[2013.10.29 17:44:48 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Musik

[2013.10.29 17:44:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe

[2013.10.29 17:44:29 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe

[2013.10.29 17:44:29 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll

[2013.10.29 17:44:28 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll

[2013.10.29 17:44:28 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll

[2013.10.29 17:44:28 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe

[2013.10.29 17:44:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll

[2013.10.29 17:44:21 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll

[2013.10.29 17:44:20 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe

[2013.10.29 17:44:20 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe

[2013.10.29 17:44:19 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe

[2013.10.29 17:44:18 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe

[2013.10.29 17:44:18 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe

[2013.10.29 17:44:18 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe

[2013.10.29 17:44:18 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe

[2013.10.29 17:44:18 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe

[2013.10.29 17:44:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe

[2013.10.29 17:44:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe

[2013.10.29 17:44:18 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe

[2013.10.29 17:44:18 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe

[2013.10.29 17:44:18 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe

[2013.10.29 17:44:18 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll

[2013.10.29 17:44:17 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe

[2013.10.29 17:44:17 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll

[2013.10.29 17:44:16 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll

[2013.10.29 17:44:16 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll

[2013.10.29 17:44:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll

[2013.10.29 17:44:16 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll

[2013.10.29 17:44:16 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll

[2013.10.29 17:44:16 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe

[2013.10.29 17:44:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll

[2013.10.29 17:44:15 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll

[2013.10.29 17:44:01 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe

[2013.10.29 17:44:01 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe

[2013.10.29 17:44:01 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe

[2013.10.29 17:44:01 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl

[2013.10.29 17:44:00 | 000,354,304 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll

[2013.10.29 17:44:00 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe

[2013.10.29 17:43:59 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe

[2013.10.29 17:43:59 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll

[2013.10.29 17:43:58 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll

[2013.10.29 17:43:58 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe

[2013.10.29 17:43:58 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe

[2013.10.29 17:43:57 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll

[2013.10.29 17:43:57 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe

[2013.10.29 17:43:57 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe

[2013.10.29 17:43:57 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll

[2013.10.29 17:43:57 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe

[2013.10.29 17:43:57 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll

[2013.10.29 17:43:56 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll

[2013.10.29 17:43:56 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll

[2013.10.29 17:43:56 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll

[2013.10.29 17:43:56 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll

[2013.10.29 17:43:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc

[2013.10.29 17:43:55 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll

[2013.10.29 17:43:54 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll

[2013.10.29 17:43:54 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll

[2013.10.29 17:43:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com

[2013.10.29 17:43:53 | 000,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll

[2013.10.29 17:43:47 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll

[2013.10.29 17:43:47 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll

[2013.10.29 17:43:46 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll

[2013.10.29 17:43:44 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll

[2013.10.29 17:43:40 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Videos

[2013.10.29 17:43:18 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Zubehör

[2013.10.29 17:38:15 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe

[2013.10.29 17:38:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll

[2013.10.29 17:38:13 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\drivers\smcirda.sys

[2013.10.29 17:37:59 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys

[2013.10.29 17:37:34 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll

[2013.10.29 17:37:27 | 000,016,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys

[2013.10.29 17:36:27 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer

[2013.10.29 17:36:26 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ODBC

[2013.10.29 17:36:22 | 000,000,000 | R--D | C] -- C:\Programme

[2013.10.29 17:36:22 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\SpeechEngines

[2013.10.29 17:36:22 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared

[2013.10.29 17:36:18 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll

[2013.10.29 17:36:18 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll

[2013.10.29 17:36:18 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll

[2013.10.29 17:36:16 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll

[2013.10.29 17:36:14 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll

[2013.10.29 17:36:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll

[2013.10.29 17:36:14 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll

[2013.10.29 17:36:14 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll

[2013.10.29 17:36:14 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll

[2013.10.29 17:36:14 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll

[2013.10.29 17:36:13 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll

[2013.10.29 17:36:12 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll

[2013.10.29 17:36:12 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll

[2013.10.29 17:36:12 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll

[2013.10.29 17:36:12 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll

[2013.10.29 17:36:12 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll

[2013.10.29 17:36:10 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll

[2013.10.29 17:36:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll

[2013.10.29 17:36:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll

[2013.10.29 17:36:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll

[2013.10.29 17:36:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll

[2013.10.29 17:36:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll

[2013.10.29 17:36:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll

[2013.10.29 17:36:10 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll

[2013.10.29 17:36:10 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll

[2013.10.29 17:36:10 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll

[2013.10.29 17:36:10 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll

[2013.10.29 17:36:09 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll

[2013.10.29 17:36:09 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL

[2013.10.29 17:36:07 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll

[2013.10.29 17:36:07 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll

[2013.10.29 17:36:07 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll

[2013.10.29 17:36:07 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll

[2013.10.29 17:36:06 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll

[2013.10.29 17:36:06 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL

[2013.10.29 17:36:06 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV

[2013.10.29 17:36:06 | 000,009,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL

[2013.10.29 17:36:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL

[2013.10.29 17:36:06 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV

[2013.10.29 17:36:06 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV

[2013.10.29 17:36:06 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV

[2013.10.29 17:36:06 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV

[2013.10.29 17:36:05 | 000,127,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL

[2013.10.29 17:36:05 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL

[2013.10.29 17:36:05 | 000,073,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV

[2013.10.29 17:36:05 | 000,033,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL

[2013.10.29 17:36:05 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV

[2013.10.29 17:36:05 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV

[2013.10.29 17:36:05 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL

[2013.10.29 17:36:05 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL

[2013.10.29 17:36:05 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV

[2013.10.29 17:36:05 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV

[2013.10.29 17:36:05 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK

[2013.10.29 17:36:04 | 000,109,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL

[2013.10.29 17:36:04 | 000,070,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL

[2013.10.29 17:36:04 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE

[2013.10.29 17:36:04 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll

[2013.10.29 17:36:03 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV

[2013.10.29 17:36:03 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL

[2013.10.29 17:36:00 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll

[2013.10.29 17:35:52 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü

[2013.10.29 17:35:52 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente

[2013.10.29 17:35:52 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart

[2013.10.29 17:35:52 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Vorlagen

[2013.10.29 17:35:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Favoriten

[2013.10.29 17:35:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Desktop

[2013.10.29 17:35:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2

[2013.10.29 17:35:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot

[2013.10.29 17:35:30 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft

[2013.10.29 17:35:30 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten

[2013.10.29 17:35:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen

[2013.10.29 17:29:28 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts

[2013.10.29 17:29:28 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache

[2013.10.29 17:29:28 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web

[2013.10.29 17:29:28 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\system

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\security

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\java

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028

[2013.10.29 17:29:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.11.04 14:40:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013.11.03 08:58:46 | 001,060,070 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\adwcleaner.exe

[2013.11.02 22:59:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013.11.02 22:14:14 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\defogger_reenable

[2013.11.02 22:12:22 | 001,089,445 | ---- | M] (Farbar) -- C:\Dokumente und Einstellungen\Administrator\Desktop\FRST.exe

[2013.10.31 19:25:44 | 000,000,524 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk

[2013.10.31 19:24:36 | 000,405,692 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2013.10.31 19:24:36 | 000,392,630 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2013.10.31 19:24:36 | 000,070,976 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2013.10.31 19:24:36 | 000,058,930 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2013.10.29 20:25:44 | 000,000,515 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

[2013.10.29 19:40:00 | 000,001,148 | ---- | M] () -- C:\WINDOWS\PWCMDLST.BAK

[2013.10.29 19:35:22 | 000,000,211 | -HS- | M] () -- C:\boot.ini

[2013.10.29 17:59:30 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013.10.29 17:51:16 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD

[2013.10.29 17:50:12 | 000,004,438 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013.10.29 17:50:06 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf

[2013.10.29 17:49:02 | 000,002,951 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2013.10.29 17:49:02 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2013.10.29 17:49:02 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2013.10.29 17:49:02 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2013.10.29 17:49:02 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2013.10.29 17:48:52 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx

[2013.10.29 17:48:52 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2013.10.29 17:48:52 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2013.10.29 17:48:40 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI

[2013.10.29 17:45:20 | 000,021,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2013.11.03 08:58:41 | 001,060,070 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\adwcleaner.exe

[2013.11.02 22:14:12 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\defogger_reenable

[2013.10.31 19:25:43 | 000,000,524 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk

[2013.10.29 21:56:30 | 000,655,842 | R--- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa

[2013.10.29 21:56:30 | 000,200,704 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4704.dll

[2013.10.29 21:56:30 | 000,023,632 | R--- | C] () -- C:\WINDOWS\System32\igxpxs32.vp

[2013.10.29 21:56:30 | 000,002,096 | R--- | C] () -- C:\WINDOWS\System32\igxpxk32.vp

[2013.10.29 21:56:30 | 000,000,929 | R--- | C] () -- C:\WINDOWS\System32\igxpxa32.vp

[2013.10.29 21:56:26 | 000,121,232 | R--- | C] () -- C:\WINDOWS\System32\IScrNBR.bmp

[2013.10.29 21:56:26 | 000,121,232 | R--- | C] () -- C:\WINDOWS\System32\IScrNB.bmp

[2013.10.29 21:33:56 | 001,626,122 | ---- | C] () -- C:\WINDOWS\System32\PenTablet.znc

[2013.10.29 20:25:43 | 000,000,515 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk

[2013.10.29 20:25:43 | 000,000,515 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

[2013.10.29 20:08:32 | 000,000,023 | ---- | C] () -- C:\WINDOWS\System32\drivers\verfile.tic

[2013.10.29 19:39:58 | 000,001,148 | ---- | C] () -- C:\WINDOWS\PWCMDLST.BAK

[2013.10.29 19:35:21 | 002,881,848 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe

[2013.10.29 19:35:20 | 000,015,688 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys

[2013.10.29 19:35:20 | 000,010,320 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys

[2013.10.29 17:59:41 | 000,001,503 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Remoteunterstützung.lnk

[2013.10.29 17:51:15 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD

[2013.10.29 17:50:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2013.10.29 17:49:00 | 000,002,951 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT

[2013.10.29 17:49:00 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS

[2013.10.29 17:49:00 | 000,000,000 | RHS- | C] () -- C:\IO.SYS

[2013.10.29 17:49:00 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS

[2013.10.29 17:49:00 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT

[2013.10.29 17:48:50 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb

[2013.10.29 17:48:50 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb

[2013.10.29 17:48:49 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx

[2013.10.29 17:46:41 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp

[2013.10.29 17:46:41 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp

[2013.10.29 17:45:18 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2013.10.29 17:44:19 | 000,001,237 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd

[2013.10.29 17:44:18 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h

[2013.10.29 17:44:17 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h

[2013.10.29 17:44:10 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

[2013.10.29 17:36:30 | 000,004,438 | ---- | C] () -- C:\WINDOWS\imsins.BAK

[2013.10.29 17:36:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2013.10.29 17:36:04 | 000,001,806 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT

[2013.10.29 17:35:51 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT

[2013.10.29 17:35:51 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat

[2013.10.29 17:35:51 | 000,103,124 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat

[2013.10.29 17:35:51 | 000,041,270 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT

[2013.10.29 17:35:51 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat

[2013.10.29 17:35:51 | 000,030,983 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT

[2013.10.29 17:35:51 | 000,018,989 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat

[2013.10.29 17:35:51 | 000,014,043 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT

[2013.10.29 17:35:51 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT

[2013.10.29 17:35:51 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat

[2013.10.29 17:35:51 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT

[2013.10.29 17:35:51 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT

[2013.10.29 17:35:51 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT

[2013.10.29 17:35:51 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat

[2013.10.29 17:35:51 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT

[2013.10.29 17:35:50 | 001,899,936 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT

[2013.10.29 17:35:50 | 001,014,663 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT

[2013.10.29 17:35:50 | 000,817,199 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT

[2013.10.29 17:35:50 | 000,618,406 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT

[2013.10.29 17:35:04 | 000,090,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2013.10.29 17:33:57 | 000,000,211 | -HS- | C] () -- C:\boot.ini

[2013.10.29 17:33:52 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

 
 ========== ZeroAccess Check ==========

 

[2013.10.31 19:22:44 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2002.12.31 12:00:00 | 001,483,776 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2002.12.31 13:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2002.12.31 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both
 

< End of report >