Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Trojaner Dropper PGen: welche Auswirkung? wie entfernen? (https://www.trojaner-board.de/103243-trojaner-dropper-pgen-welche-auswirkung-entfernen.html)

felicithas 07.09.2011 21:42
Trojaner Dropper PGen: welche Auswirkung? wie entfernen?
 
Hallo,
Malwarebytes hat den Trojaner Dropper PGen identifiziert. Könnt Ihr mir bitte sagen,was er macht, wie ich den los werde bzw. ob er bösartig ist. Evtl. verstecken sich noch mehr auf meinem Laptop?

Malwarebytes Logfile
Malwarebytes' Anti-Malware 1.51.1.1800
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 7660

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

06.09.2011 07:56:08
mbam-log-2011-09-06 (07-56-01).txt

Art des Suchlaufs: Vollständiger Suchlauf (B:\|C:\|D:\|E:\|)
Durchsuchte Objekte: 498658
Laufzeit: 56 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
e:\downloads\www.torrent.to...wiso.steuer.2011.german-restore\keygen.exe (Trojan.Dropper.PGen) -> No action taken.

--------------------------------------------------------------

OTL Logfile:

OTL logfile created on: 06.09.2011 07:55:54 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\mitarbeiter\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,86 Gb Total Physical Memory | 5,35 Gb Available Physical Memory | 68,04% Memory free
15,72 Gb Paging File | 13,20 Gb Available in Paging File | 83,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 270,35 Gb Total Space | 123,22 Gb Free Space | 45,58% Space Free | Partition Type: NTFS
Drive D: | 3,79 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 107,42 Gb Total Space | 92,67 Gb Free Space | 86,27% Space Free | Partition Type: NTFS

Computer Name: DESKTOPXXX | User Name: mitarbeiter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\mitarbeiter\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
PRC - C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\js3250.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:64bit: - (wltrysvc) -- C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE (Broadcom Corporation)
SRV:64bit: - (DisplayLinkService) -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe (DisplayLink Corp.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (STacSV) -- C:\Programme\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AESTFilters) -- C:\Programme\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (AAV UpdateService) -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV:64bit: - (e1kexpress) Intel(R) -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (mv2) -- C:\Windows\SysNative\drivers\mv2.sys (UVNC BVBA)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (dlcdbus) DisplayLink Composite USB Bus Driver driver (WDM) -- C:\Windows\SysNative\drivers\dlcdbus.sys (MCCI Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV:64bit: - (risdpcie) -- C:\Windows\SysNative\drivers\risdpe64.sys (REDC)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimspe64.sys (REDC)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (rixdpcie) -- C:\Windows\SysNative\drivers\rixdpe64.sys (REDC)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (rismcx64) -- C:\Windows\SysNative\drivers\rismcx64.sys (RICOH Company, Ltd.)
DRV:64bit: - (RICOH SmartCard Reader) -- C:\Windows\SysNative\drivers\rismcx64.sys (RICOH Company, Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC)
DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\drivers\rixdpx64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B6 03 E6 BC 2B ED CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.67\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.67\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.08.19 23:01:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.08.24 10:35:48 | 000,000,000 | ---D | M]

[2011.08.16 23:37:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mitarbeiter\AppData\Roaming\mozilla\Extensions
[2011.08.16 23:37:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mitarbeiter\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de
[2011.03.28 16:00:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mitarbeiter\AppData\Roaming\mozilla\Firefox\Profiles\3rhjtwl8.default\extensions
[2011.03.11 10:13:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.02.06 02:58:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.11 10:13:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.21 13:09:28 | 000,032,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
[2011.04.01 10:00:39 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.04.01 10:00:39 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.04.01 10:00:39 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.04.01 10:00:39 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.04.01 10:00:39 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Broadcom\Broadcom 802.11\WLTRAY.EXE (Broadcom Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Communicator] C:\Program Files (x86)\Microsoft Lync\communicator.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe ()
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [NUSB3MON] c:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10t_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Lync-Add-On - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync-Add-On - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash/cabs/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.117.1.25 89.16.129.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{168DC103-C5CB-497E-89B7-C006E8CDE755}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{873BAB5F-153C-4485-B5A9-0B47EB3C4214}: DhcpNameServer = 62.117.1.25 89.16.129.25
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\haufereader - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found
O18 - Protocol\Handler\haufereader - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - Reg Error: Key error. - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0b91385f-6bf0-11e0-970b-b499bae04ae4}\Shell - "" = AutoRun
O33 - MountPoints2\{0b91385f-6bf0-11e0-970b-b499bae04ae4}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{55772021-6bea-11e0-9659-b499bae04ae4}\Shell - "" = AutoRun
O33 - MountPoints2\{55772021-6bea-11e0-9659-b499bae04ae4}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.09.06 07:54:54 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\mitarbeiter\Desktop\OTL.exe
[2011.09.04 22:00:25 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\Documents\Notfall
[2011.09.04 06:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.09.04 05:59:52 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Local\Google
[2011.08.26 00:20:30 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSINET.OCX
[2011.08.26 00:20:29 | 000,609,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comctl32.ocx
[2011.08.26 00:20:29 | 000,067,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysinfo.ocx
[2011.08.26 00:20:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Loadstreet
[2011.08.23 09:32:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011.08.23 09:31:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2011.08.23 09:31:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2011.08.23 09:31:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011.08.23 09:31:10 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.08.23 09:29:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011.08.23 09:29:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011.08.23 09:29:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011.08.23 09:29:02 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011.08.22 01:33:00 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Roaming\WinRAR
[2011.08.22 01:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.08.22 01:32:39 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.08.22 01:32:23 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011.08.22 01:24:27 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\Documents\OneNote-Notizbücher
[2011.08.21 00:41:12 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.08.21 00:41:12 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.08.21 00:41:12 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.08.21 00:41:12 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.08.21 00:41:12 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.08.21 00:41:12 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.08.21 00:41:12 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.08.21 00:41:12 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.08.21 00:41:12 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.08.21 00:41:12 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.08.21 00:41:12 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.08.21 00:41:12 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.08.21 00:41:12 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.08.21 00:41:12 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.08.21 00:41:12 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.08.21 00:41:12 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.08.21 00:41:12 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.08.21 00:41:12 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.08.21 00:41:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.08.21 00:41:12 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.08.21 00:41:12 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.08.21 00:41:12 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.08.21 00:41:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.08.21 00:41:12 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.08.21 00:41:12 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.08.21 00:41:12 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.08.21 00:41:12 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.08.21 00:41:12 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.08.21 00:41:12 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.08.21 00:41:12 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.08.21 00:41:12 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.08.21 00:41:12 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.08.21 00:41:12 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.08.21 00:41:12 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.08.21 00:41:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.08.21 00:41:12 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.08.21 00:41:12 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.08.21 00:41:12 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.08.21 00:41:12 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.08.21 00:41:12 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.08.21 00:41:12 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.08.21 00:41:12 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.08.21 00:41:12 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.08.21 00:41:12 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.08.21 00:41:12 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.08.21 00:41:12 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.08.21 00:41:12 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.08.21 00:41:12 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.08.21 00:41:12 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.08.21 00:41:12 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.08.21 00:41:12 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.08.21 00:41:12 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.08.21 00:41:12 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.08.21 00:41:12 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.08.21 00:41:12 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.08.21 00:41:12 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.08.21 00:41:12 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.08.21 00:41:12 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.08.21 00:41:12 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.08.21 00:41:12 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.08.21 00:41:12 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.08.21 00:41:12 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.08.21 00:41:12 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.08.21 00:41:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.08.21 00:41:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.08.21 00:41:12 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.08.21 00:41:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.08.21 00:41:12 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.08.21 00:41:12 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.08.21 00:41:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.08.21 00:41:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.08.21 00:41:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.08.21 00:36:57 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2011.08.21 00:30:10 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Local\Netviewer
[2011.08.17 23:29:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011.08.17 00:04:30 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Local\Haufe
[2011.08.16 23:37:04 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Roaming\Haufe Mediengruppe
[2011.08.16 23:37:04 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Local\Haufe Mediengruppe
[2011.08.16 23:31:22 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Roaming\Lexware
[2011.08.16 23:29:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Haufe
[2011.08.16 23:29:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexware
[2011.08.16 23:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
[2011.08.16 23:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ARD Ratgeber Geld
[2011.08.16 23:28:45 | 000,000,000 | ---D | C] -- C:\ProgramData\ARD Ratgeber Geld
[2011.08.16 23:28:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ARD Ratgeber Geld
[2011.08.16 23:28:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haufe
[2011.08.16 23:28:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Haufe
[2011.08.16 23:28:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011.08.16 23:26:59 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Local\Lexware
[2011.08.16 23:26:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Lexware
[2011.08.16 22:27:41 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Roaming\Canneverbe Limited
[2011.08.16 22:27:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2011.08.16 22:27:34 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2011.08.16 22:16:49 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Roaming\pics
[2011.08.16 22:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\pics
[2011.08.16 22:15:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pics
[2011.08.16 22:15:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pics
[2011.08.13 14:00:06 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Local\AAV
[2011.08.13 13:55:52 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steuertipps
[2011.08.13 13:55:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft
[2011.08.13 13:53:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AAV
[2011.08.13 13:49:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2011.08.13 13:49:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Projects
[2011.08.13 01:22:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tax-Genie 2011
[2011.08.13 01:20:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tax-Genie 2011
[2011.08.13 01:05:12 | 000,000,000 | ---D | C] -- C:\Program Files\SyncToy 2.1
[2011.08.13 01:03:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2011.08.13 00:49:15 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\Documents\Steuer
[2011.08.13 00:43:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2011.08.13 00:43:07 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Roaming\uTorrent
[2011.08.13 00:43:07 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Local\uTorrent
[2011.08.13 00:43:04 | 000,639,352 | ---- | C] (BitTorrent, Inc.) -- C:\Users\mitarbeiter\Desktop\utorrent_3.0.25440.exe
[2011.08.13 00:37:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Buhl Data Service GmbH
[2011.08.13 00:37:07 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Local\Buhl
[2011.08.13 00:33:57 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Roaming\Buhl Data Service
[2011.08.13 00:33:55 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\AppData\Local\Buhl Data Service
[2011.08.12 01:04:17 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\Desktop\Neuer Ordner
[2011.08.10 22:37:31 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.08.10 22:37:31 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.08.10 22:37:31 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.08.10 22:37:31 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.08.10 22:37:31 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.08.10 22:37:31 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.08.10 22:37:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011.08.10 22:37:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011.08.10 22:37:31 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011.08.10 22:37:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.08.10 22:37:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011.08.10 22:37:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011.08.10 22:37:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011.08.10 22:37:31 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011.08.10 22:37:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.10 22:37:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.10 22:37:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.10 22:37:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.10 22:37:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.10 22:37:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011.08.10 22:37:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011.08.10 22:37:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011.08.10 22:37:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.10 22:37:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.10 22:37:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.10 22:37:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011.08.10 22:37:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.10 22:37:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.10 22:37:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.10 22:37:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.10 22:37:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011.08.10 22:37:30 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011.08.10 22:37:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.10 22:37:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011.08.10 22:37:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011.08.10 22:37:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011.08.10 22:37:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011.08.10 22:37:29 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2011.08.10 22:37:24 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011.08.10 22:37:24 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011.08.10 22:37:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011.08.10 22:37:24 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011.08.10 22:37:24 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011.08.10 22:37:24 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011.08.10 22:37:24 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011.08.10 22:37:23 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011.08.10 22:37:23 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011.08.10 22:37:04 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.08.10 22:37:04 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.08.10 22:37:03 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.08.07 12:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.08.07 12:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011.08.07 12:21:06 | 000,000,000 | ---D | C] -- C:\Users\mitarbeiter\Documents\Bedienungsanleitung
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.09.06 07:53:23 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\mitarbeiter\Desktop\OTL.exe
[2011.09.06 07:04:05 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.06 06:04:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.09.06 00:15:32 | 009,886,692 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.09.06 00:15:32 | 000,799,448 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2011.09.06 00:15:32 | 000,799,226 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2011.09.06 00:15:32 | 000,797,910 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2011.09.06 00:15:32 | 000,792,112 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2011.09.06 00:15:32 | 000,768,090 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.09.06 00:15:32 | 000,736,498 | ---- | M] () -- C:\Windows\SysNative\perfh00E.dat
[2011.09.06 00:15:32 | 000,713,568 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.09.06 00:15:32 | 000,710,658 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.09.06 00:15:32 | 000,530,052 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat
[2011.09.06 00:15:32 | 000,523,250 | ---- | M] () -- C:\Windows\SysNative\perfh001.dat
[2011.09.06 00:15:32 | 000,450,036 | ---- | M] () -- C:\Windows\SysNative\perfh012.dat
[2011.09.06 00:15:32 | 000,428,104 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat
[2011.09.06 00:15:32 | 000,195,854 | ---- | M] () -- C:\Windows\SysNative\perfc00E.dat
[2011.09.06 00:15:32 | 000,181,862 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2011.09.06 00:15:32 | 000,175,720 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2011.09.06 00:15:32 | 000,172,874 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.09.06 00:15:32 | 000,171,240 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2011.09.06 00:15:32 | 000,167,902 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2011.09.06 00:15:32 | 000,162,066 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.09.06 00:15:32 | 000,140,548 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.09.06 00:15:32 | 000,136,892 | ---- | M] () -- C:\Windows\SysNative\perfc012.dat
[2011.09.06 00:15:32 | 000,122,898 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat
[2011.09.06 00:15:32 | 000,111,200 | ---- | M] () -- C:\Windows\SysNative\perfc001.dat
[2011.09.06 00:15:32 | 000,101,310 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat
[2011.09.06 00:14:18 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.06 00:14:18 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.06 00:07:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.06 00:06:59 | 2033,745,919 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.04 15:05:30 | 000,091,302 | ---- | M] () -- C:\Users\mitarbeiter\Desktop\eBay Kleinanzeigen _2 Kostenlos. Einfach. Lokal..pdf
[2011.09.04 07:33:24 | 000,119,122 | ---- | M] () -- C:\Users\mitarbeiter\Desktop\eBay Kleinanzeigen _ Kostenlos. Einfach. Lokal..pdf
[2011.08.30 16:26:40 | 000,485,863 | ---- | M] () -- C:\Users\mitarbeiter\Desktop\Bonobo.png
[2011.08.30 00:43:02 | 000,001,321 | ---- | M] () -- C:\Users\mitarbeiter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
[2011.08.29 20:57:54 | 000,000,741 | ---- | M] () -- C:\Windows\wiso.ini
[2011.08.24 23:08:07 | 000,410,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.08.21 00:41:12 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.08.21 00:41:12 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.08.21 00:41:12 | 002,303,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.08.21 00:41:12 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.08.21 00:41:12 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.08.21 00:41:12 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.08.21 00:41:12 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.08.21 00:41:12 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.08.21 00:41:12 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.08.21 00:41:12 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.08.21 00:41:12 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.08.21 00:41:12 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.08.21 00:41:12 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.08.21 00:41:12 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.08.21 00:41:12 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.08.21 00:41:12 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.08.21 00:41:12 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.08.21 00:41:12 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.08.21 00:41:12 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.08.21 00:41:12 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.08.21 00:41:12 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.08.21 00:41:12 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.08.21 00:41:12 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.08.21 00:41:12 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.08.21 00:41:12 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.08.21 00:41:12 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.08.21 00:41:12 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.08.21 00:41:12 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.08.21 00:41:12 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.08.21 00:41:12 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.08.21 00:41:12 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.08.21 00:41:12 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.08.21 00:41:12 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.08.21 00:41:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.08.21 00:41:12 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.08.21 00:41:12 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.08.21 00:41:12 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.08.21 00:41:12 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.08.21 00:41:12 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.08.21 00:41:12 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.08.21 00:41:12 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.08.21 00:41:12 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.08.21 00:41:12 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.08.21 00:41:12 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.08.21 00:41:12 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.08.21 00:41:12 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.08.21 00:41:12 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.08.21 00:41:12 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.08.21 00:41:12 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.08.21 00:41:12 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.08.21 00:41:12 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.08.21 00:41:12 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.08.21 00:41:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.08.21 00:41:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.08.21 00:41:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.08.21 00:41:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.08.21 00:41:12 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.08.21 00:41:12 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.08.21 00:41:12 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.08.21 00:41:12 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.08.21 00:41:12 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.08.21 00:41:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.08.21 00:41:12 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.08.21 00:41:12 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.08.21 00:41:12 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.08.21 00:41:12 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.08.21 00:41:12 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.08.21 00:41:12 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.08.21 00:41:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.08.21 00:41:12 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.08.21 00:41:12 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.08.21 00:41:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.08.21 00:41:12 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.08.21 00:41:12 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.08.21 00:34:09 | 000,002,675 | ---- | M] () -- C:\Users\Public\Desktop\ARD Ratgeber Geld Steuer 2011.lnk
[2011.08.16 22:27:35 | 000,001,751 | ---- | M] () -- C:\Users\mitarbeiter\Desktop\CDBurnerXP.lnk
[2011.08.16 22:15:47 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\Terminplaner.lnk
[2011.08.16 22:15:39 | 000,330,240 | ---- | M] () -- C:\Windows\PICSUninstall.exe
[2011.08.16 22:15:39 | 000,139,776 | ---- | M] () -- C:\Windows\SysWow64\ZipDll.dll
[2011.08.16 22:15:39 | 000,122,368 | ---- | M] () -- C:\Windows\SysWow64\UnzDll.dll
[2011.08.13 00:43:05 | 000,639,352 | ---- | M] (BitTorrent, Inc.) -- C:\Users\mitarbeiter\Desktop\utorrent_3.0.25440.exe
[2011.08.09 23:34:42 | 000,349,092 | ---- | M] () -- C:\Users\mitarbeiter\Desktop\cooleDeals_201108092336.pdf
[2011.08.07 12:43:13 | 000,001,988 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.09.05 04:03:58 | 000,485,863 | ---- | C] () -- C:\Users\mitarbeiter\Desktop\Bonobo.png
[2011.09.04 15:05:29 | 000,091,302 | ---- | C] () -- C:\Users\mitarbeiter\Desktop\eBay Kleinanzeigen _2 Kostenlos. Einfach. Lokal..pdf
[2011.09.04 07:33:23 | 000,119,122 | ---- | C] () -- C:\Users\mitarbeiter\Desktop\eBay Kleinanzeigen _ Kostenlos. Einfach. Lokal..pdf
[2011.09.04 05:59:55 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.04 05:59:55 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.30 00:43:02 | 000,001,321 | ---- | C] () -- C:\Users\mitarbeiter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
[2011.08.21 00:41:12 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.08.21 00:41:12 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.08.16 23:29:05 | 000,002,675 | ---- | C] () -- C:\Users\Public\Desktop\ARD Ratgeber Geld Steuer 2011.lnk
[2011.08.16 22:27:35 | 000,001,751 | ---- | C] () -- C:\Users\mitarbeiter\Desktop\CDBurnerXP.lnk
[2011.08.16 22:27:35 | 000,001,701 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2011.08.16 22:15:47 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\Terminplaner.lnk
[2011.08.16 22:15:39 | 000,330,240 | ---- | C] () -- C:\Windows\PICSUninstall.exe
[2011.08.16 22:15:39 | 000,139,776 | ---- | C] () -- C:\Windows\SysWow64\ZipDll.dll
[2011.08.16 22:15:39 | 000,122,368 | ---- | C] () -- C:\Windows\SysWow64\UnzDll.dll
[2011.08.13 01:31:59 | 000,000,741 | ---- | C] () -- C:\Windows\wiso.ini
[2011.08.13 01:05:12 | 000,003,007 | ---- | C] () -- C:\Users\mitarbeiter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SyncToy 2.1(x64).lnk
[2011.08.09 23:34:42 | 000,349,092 | ---- | C] () -- C:\Users\mitarbeiter\Desktop\cooleDeals_201108092336.pdf
[2011.08.07 12:43:13 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.08.07 12:43:13 | 000,001,988 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.08.07 03:30:10 | 000,007,619 | ---- | C] () -- C:\Users\mitarbeiter\AppData\Local\Resmon.ResmonCfg
[2011.08.06 11:17:44 | 000,000,600 | ---- | C] () -- C:\Users\mitarbeiter\AppData\Roaming\winscp.rnd
[2011.08.06 11:07:54 | 000,072,638 | ---- | C] () -- C:\ProgramData\cc_20110806_110742.reg
[2011.03.28 17:07:55 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.03.15 20:47:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
[2011.03.15 20:47:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd11.dll
[2011.03.15 20:47:24 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
[2011.02.06 04:35:15 | 009,959,022 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.04.21 10:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\HtmlHelp.dll

========== LOP Check ==========

[2011.03.28 11:43:02 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\7-PDFMaker
[2011.05.10 17:30:57 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\7-PDFSplitMerge
[2011.03.28 16:33:08 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\ac'tivAid
[2011.08.13 00:33:57 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\Buhl Data Service
[2011.08.16 22:27:41 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\Canneverbe Limited
[2011.03.31 20:40:23 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\gtk-2.0
[2011.08.16 23:37:04 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\Haufe Mediengruppe
[2011.08.16 23:31:24 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\Lexware
[2011.04.21 15:11:37 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\Notepad++
[2011.08.16 22:16:49 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\pics
[2011.03.28 11:37:01 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\Subversion
[2011.08.06 10:04:47 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\T-Mobile
[2011.05.05 09:55:51 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\T-Mobile Internet Manager
[2011.07.23 00:07:07 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\TuneUp Software
[2011.09.06 07:48:57 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\uTorrent
[2011.08.07 03:50:24 | 000,000,000 | ---D | M] -- C:\Users\mitarbeiter\AppData\Roaming\XLMSoft
[2011.08.07 11:23:46 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


Ich hoffe Ihr könnt mir helfen das Problem zu beheben.

Viele Grüße

Swisstreasure 07.09.2011 22:25
Dateien, wie Crack.exe, Keygen.exe oder Patch.exe sind zu 99,9% gefährliche Schädlinge, mit denen man nicht Spaßen sollte.
Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf
Anleitung zum Neu aufsetzten

felicithas 08.09.2011 23:40
Sehr freundlich - besten Dank!

:daumenhoc


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:47 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131