View Full Version : Win32.Downloader found?
thomas frank mas
2013-07-04, 14:24
Hi Gentlemen!
I have reinstalled XP SP3 on my computer, Norton Internetsecurity and Tuneup 2012 and after installation of SpyBot 2 and run of System-Scan it showed infection with WIN32.Downloader MalwareC ID F65FFCFA 13. I had SpyBot correct it and since that there is no indication of further infection wether in SpyBot or in Norton. I googled the threats of this malware and these informations tell, that it could not be removed by Spybot and other viruskilling programs and it does hide itself. The only sign of infection is after some time of running IE 8 stays trying to connect, but shoes no Homepage whatsoever. So I need your help to detect whats going on.
Before I posted Ideactivated TuneUpservices.
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.25.2
Run by Tom at 13:17:41 on 2013-07-04
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2047.1257 [GMT 2:00]
.
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\Programme\DivX\DivX Update\DivXUpdate.exe
C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe
C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDTray.exe
C:\Programme\APPLE\iTunesHelper.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\MagicTune Premium\GammaTray.exe
C:\Programme\Windows Desktop Search\WindowsSearch.exe
c:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\Java\jre7\bin\jqs.exe
C:\Programme\MagicTune Premium\MagicTune.exe
C:\Programme\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Programme\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Programme\Logitech\SetPointP\SetPoint.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\KHAL3\KHALMNPR.EXE
C:\WINDOWS\System32\alg.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Freecorder extension\BackgroundHost.exe
C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe
C:\Programme\Microsoft\Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.upc.at/
uProxyServer = localhost:21320
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\programme\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\programme\norton internet security\engine\20.4.0.40\CoIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\programme\norton internet security\engine\20.4.0.40\ips\IPSBHO.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\programme\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\programme\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Freecorder extension: {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} - c:\programme\freecorder extension\ScriptHost.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\programme\java\jre7\bin\jp2ssv.dll
BHO: DVDVideoSoft WebPageAdjuster Class: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\programme\gemeinsame dateien\dvdvideosoft\bin\IEDownloadMenuAndBtns.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\programme\norton internet security\engine\20.4.0.40\CoIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\programme\google\google toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\programme\norton internet security\engine\20.4.0.40\CoIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\programme\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [MSMSGS] "c:\programme\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
mRun: [Adobe ARM] "c:\programme\gemeinsame dateien\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\programme\gemeinsame dateien\java\java update\jusched.exe"
mRun: [DivXMediaServer] c:\programme\divx\divx media server\DivXMediaServer.exe
mRun: [DivXUpdate] "c:\programme\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [APSDaemon] "c:\programme\gemeinsame dateien\apple\apple application support\APSDaemon.exe"
mRun: [EvtMgr6] c:\programme\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [MagicTuneLauncher] c:\programme\magictune premium\MagicTuneLauncher.exe
mRun: [SDTray] "c:\programme\safer networking\spybot - search & destroy 2\SDTray.exe"
mRun: [iTunesHelper] "c:\programme\apple\iTunesHelper.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\dokume~1\alluse~1.win\startm~1\progra~1\autost~1\gammat~1.lnk - c:\programme\magictune premium\GammaTray.exe
StartupFolder: c:\dokume~1\alluse~1.win\startm~1\progra~1\autost~1\window~1.lnk - c:\programme\windows desktop search\WindowsSearch.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Free YouTube Download - c:\programme\gemeinsame dateien\dvdvideosoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\programme\gemeinsame dateien\dvdvideosoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\mi4d84~1\office\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\programme\gemeinsame dateien\dvdvideosoft\bin\IEDownloadMenuAndBtns.dll
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programme\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1371604349625
TCP: NameServer = 212.186.211.21 195.34.133.21
TCP: Interfaces\{0D6775AE-C5DE-4202-A172-E809EB93E068} : DHCPNameServer = 212.186.211.21 195.34.133.21
Notify: LBTWlgn - c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= c:\progra~1\gemein~1\jaksta~1\audioc~1\jaudcap.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\programme\windows desktop search\MSNLNamespaceMgr.dll
IFEO: connect.exe - "c:\programme\tuneup utilities 2012\TUAutoReactivator32.exe"
IFEO: excel.exe - "c:\programme\tuneup utilities 2012\TUAutoReactivator32.exe"
IFEO: finalmediaplayer.exe - "c:\programme\tuneup utilities 2012\TUAutoReactivator32.exe"
IFEO: finder.exe - "c:\programme\tuneup utilities 2012\TUAutoReactivator32.exe"
IFEO: infopath.exe - "c:\programme\tuneup utilities 2012\TUAutoReactivator32.exe"
.
Note: multiple IFEO entries found. Please refer to Attach.txt
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1404000.028\SymDS.sys [2013-6-20 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1404000.028\SymEFA.sys [2013-6-20 934488]
R1 BHDrvx86;BHDrvx86;c:\dokumente und einstellungen\all users.windows\anwendungsdaten\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.4.0.40\definitions\bashdefs\20130702.001\BHDrvx86.sys [2013-7-2 1002072]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1404000.028\ccSetx86.sys [2013-6-20 134744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1404000.028\Ironx86.sys [2013-6-20 175264]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2013-6-24 12808]
R2 NIS;Norton Internet Security;c:\programme\norton internet security\engine\20.4.0.40\ccSvcHst.exe [2013-6-20 144368]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\programme\safer networking\spybot - search & destroy 2\SDFSSvc.exe [2013-6-29 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\programme\safer networking\spybot - search & destroy 2\SDUpdSvc.exe [2013-6-29 1033688]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programme\gemeinsame dateien\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-6-20 106656]
R3 IDSxpx86;IDSxpx86;c:\dokumente und einstellungen\all users.windows\anwendungsdaten\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.4.0.40\definitions\ipsdefs\20130703.001\IDSXpx86.sys [2013-7-4 373728]
R3 NAVENG;NAVENG;c:\dokumente und einstellungen\all users.windows\anwendungsdaten\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.4.0.40\definitions\virusdefs\20130703.022\NAVENG.SYS [2013-7-4 93272]
R3 NAVEX15;NAVEX15;c:\dokumente und einstellungen\all users.windows\anwendungsdaten\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.4.0.40\definitions\virusdefs\20130703.022\NAVEX15.SYS [2013-7-4 1611992]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\programme\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2011-12-12 10064]
R4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\programme\tuneup utilities 2012\TuneUpUtilitiesService32.exe [2012-5-29 1528672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\programme\safer networking\spybot - search & destroy 2\SDWSCSvc.exe [2013-6-29 171928]
S3 cpuz135;cpuz135;c:\programme\cpuid\pc wizard 2012\pcwiz_x32.sys [2012-4-17 24328]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-06-29 18:13:06 -------- dc----w- c:\dokumente und einstellungen\all users.windows\anwendungsdaten\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-29 16:42:20 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-06-29 11:09:12 -------- dc----w- c:\dokumente und einstellungen\all users.windows\anwendungsdaten\Spybot - Search & Destroy
2013-06-29 10:20:46 5632 ----a-w- c:\windows\system32\ptpusb.dll
2013-06-29 10:20:43 159232 ----a-w- c:\windows\system32\ptpusd.dll
2013-06-29 10:20:42 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2013-06-29 10:20:42 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2013-06-28 18:57:13 84480 -c--a-w- c:\windows\system32\dllcache\ac97via.sys
2013-06-28 18:57:13 84480 ----a-w- c:\windows\system32\drivers\ac97via.sys
2013-06-28 12:56:37 102968 ----a-w- c:\windows\system32\IMEKR70.IME
2013-06-28 12:56:33 14336 ----a-w- c:\windows\system32\drivers\MTiCtwl.sys
2013-06-27 17:31:51 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\lokale einstellungen\anwendungsdaten\Help
2013-06-26 12:31:28 -------- d-----w- c:\programme\gemeinsame dateien\Jaksta Technologies
2013-06-26 12:04:48 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\lokale einstellungen\anwendungsdaten\Freecorder 7 Video
2013-06-26 12:04:21 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\anwendungsdaten\Freecorder 7 Video
2013-06-26 12:04:20 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\lokale einstellungen\anwendungsdaten\Jaksta_Technologies_Pty_L
2013-06-25 16:36:45 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\anwendungsdaten\Windows Search
2013-06-25 16:35:14 14048 ------w- c:\windows\system32\spmsg2.dll
2013-06-25 14:24:32 -------- d-----w- c:\windows\system32\winrm
2013-06-25 14:24:19 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2013-06-25 13:19:46 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2013-06-25 13:19:22 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2013-06-25 13:19:22 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2013-06-25 13:19:22 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2013-06-25 13:19:22 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2013-06-25 13:19:22 575488 ------w- c:\windows\system32\xpsshhdr.dll
2013-06-25 13:19:22 117760 ------w- c:\windows\system32\prntvpt.dll
2013-06-25 13:19:21 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2013-06-25 13:19:21 1676288 ------w- c:\windows\system32\xpssvcs.dll
2013-06-25 13:19:20 -------- dc----w- C:\ca9b08492440786b47e613
2013-06-25 13:13:30 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\anwendungsdaten\Windows Desktop Search
2013-06-25 13:10:36 221184 ----a-w- c:\windows\system32\wmpns.dll
2013-06-24 11:55:22 53248 -c--a-r- c:\dokumente und einstellungen\tom.frank-b\anwendungsdaten\microsoft\installer\{3ee9bcae-e9a9-45e5-9b1c-83a4d357e05c}\ARPPRODUCTICON.exe
2013-06-24 11:54:43 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-06-24 11:54:26 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2013-06-24 11:52:50 12808 ----a-w- c:\windows\system32\drivers\LBeepKE.sys
2013-06-24 11:42:20 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\anwendungsdaten\Logishrd
2013-06-24 10:55:10 159744 ----a-w- c:\programme\internet explorer\plugins\npqtplugin5.dll
2013-06-24 10:55:10 159744 ----a-w- c:\programme\internet explorer\plugins\npqtplugin4.dll
2013-06-24 10:55:10 159744 ----a-w- c:\programme\internet explorer\plugins\npqtplugin3.dll
2013-06-24 10:55:10 159744 ----a-w- c:\programme\internet explorer\plugins\npqtplugin2.dll
2013-06-24 10:55:10 159744 ----a-w- c:\programme\internet explorer\plugins\npqtplugin.dll
2013-06-23 11:24:50 6112864 ----a-w- c:\windows\system32\usbaaplrc.dll
2013-06-23 11:24:50 45056 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2013-06-23 10:23:18 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\lokale einstellungen\anwendungsdaten\FileTypeAssistant
2013-06-23 10:22:37 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\lokale einstellungen\anwendungsdaten\FinalMediaPlayer
2013-06-23 10:17:57 -------- dc----w- c:\dokumente und einstellungen\all users.windows\anwendungsdaten\APN
2013-06-22 21:34:39 44 ----a-w- c:\windows\system32\msssc.dll
2013-06-22 20:28:07 729088 ----a-w- c:\programme\gemeinsame dateien\installshield\professional\runtime\09\01\intel32\iKernel.dll
2013-06-22 20:28:07 69715 ----a-w- c:\programme\gemeinsame dateien\installshield\professional\runtime\09\01\intel32\ctor.dll
2013-06-22 20:28:07 5632 ----a-w- c:\programme\gemeinsame dateien\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe
2013-06-22 20:28:07 266240 ----a-w- c:\programme\gemeinsame dateien\installshield\professional\runtime\09\01\intel32\iscript.dll
2013-06-22 20:28:07 192512 ----a-w- c:\programme\gemeinsame dateien\installshield\professional\runtime\09\01\intel32\iuser.dll
2013-06-22 20:28:06 188548 ----a-w- c:\programme\gemeinsame dateien\installshield\professional\runtime\09\01\intel32\iGdi.dll
2013-06-22 20:28:05 311428 ----a-w- c:\programme\gemeinsame dateien\installshield\professional\runtime\09\01\intel32\setup.dll
2013-06-22 20:27:19 22664 ----a-w- c:\windows\system32\drivers\L8042Kbd.sys
2013-06-22 20:26:02 753664 ----a-w- c:\programme\gemeinsame dateien\installshield\professional\runtime\11\00\intel32\iKernel.dll
2013-06-22 20:26:02 69714 ----a-w- c:\programme\gemeinsame dateien\installshield\professional\runtime\11\00\intel32\ctor.dll
2013-06-22 20:26:02 5632 ----a-w- c:\programme\gemeinsame dateien\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe
2013-06-22 20:26:02 274432 ----a-w- c:\programme\gemeinsame dateien\installshield\professional\runtime\11\00\intel32\iscript.dll
2013-06-22 20:26:02 184320 ----a-w- c:\programme\gemeinsame dateien\installshield\professional\runtime\11\00\intel32\iuser.dll
2013-06-22 20:26:01 200836 ----a-w- c:\programme\gemeinsame dateien\installshield\professional\runtime\11\00\intel32\iGdi.dll
2013-06-22 20:26:00 331908 ----a-w- c:\programme\gemeinsame dateien\installshield\professional\runtime\11\00\intel32\setup.dll
2013-06-22 20:22:05 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\lokale einstellungen\anwendungsdaten\LogiShrd
2013-06-22 20:07:48 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\anwendungsdaten\DVDVideoSoft
2013-06-22 20:01:24 62976 -c----w- c:\windows\system32\dllcache\cdrom.sys
2013-06-22 20:01:22 466944 -c----w- c:\windows\system32\dllcache\imapi2fs.dll
2013-06-22 20:01:22 466944 ------w- c:\windows\system32\imapi2fs.dll
2013-06-22 20:01:22 320512 -c----w- c:\windows\system32\dllcache\imapi2.dll
2013-06-22 20:01:22 320512 ------w- c:\windows\system32\imapi2.dll
2013-06-22 19:30:06 -------- d-----w- c:\programme\gemeinsame dateien\DivX Shared
2013-06-22 19:18:19 -------- dcsh--w- c:\dokumente und einstellungen\tom.frank-b\wc
2013-06-22 19:18:12 -------- dcsh--w- c:\dokumente und einstellungen\tom.frank-b\anwendungsdaten\wyUpdate AU
2013-06-22 19:17:57 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\anwendungsdaten\Cyberduck
2013-06-22 18:53:29 -------- dc----w- C:\TEMP
2013-06-22 10:18:21 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\anwendungsdaten\Applian FLV and Media Player
2013-06-22 01:41:40 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2013-06-22 01:40:47 57728 ----a-w- c:\windows\system32\drivers\redbook.sys
2013-06-22 01:40:14 19584 ----a-w- c:\windows\system32\drivers\rasirda.sys
2013-06-22 01:40:12 88192 ----a-w- c:\windows\system32\drivers\irda.sys
2013-06-22 01:40:12 28160 ----a-w- c:\windows\system32\irmon.dll
2013-06-22 01:40:11 8192 ----a-w- c:\windows\system32\wshirda.dll
2013-06-22 01:40:11 153088 ----a-w- c:\windows\system32\irftp.exe
2013-06-22 01:40:06 18688 ----a-w- c:\windows\system32\drivers\irsir.sys
2013-06-22 01:39:41 77312 ----a-w- c:\windows\system32\usbui.dll
2013-06-22 01:39:32 44672 ----a-w- c:\windows\system32\drivers\UAGP35.SYS
2013-06-22 01:39:13 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys
2013-06-22 01:33:54 16825 ----a-r- c:\windows\SET8.tmp
2013-06-22 01:33:50 1088840 ----a-r- c:\windows\SET4.tmp
2013-06-22 01:33:47 1246537 ----a-r- c:\windows\SET3.tmp
2013-06-22 01:33:33 -------- dc-h--r- c:\dokumente und einstellungen\all users.windows\Anwendungsdaten
2013-06-22 01:27:11 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-22 01:27:11 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-22 00:57:44 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\lokale einstellungen\anwendungsdaten\Sun
2013-06-22 00:57:09 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-06-22 00:57:08 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-22 00:57:02 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-21 17:37:40 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-20 21:12:11 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\lokale einstellungen\anwendungsdaten\Google
2013-06-20 21:05:39 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\lokale einstellungen\anwendungsdaten\Adobe
2013-06-20 15:50:01 -------- dc----w- c:\dokumente und einstellungen\all users.windows\anwendungsdaten\DivX
2013-06-20 15:16:03 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\anwendungsdaten\DriverTurbo
2013-06-20 15:05:02 6272 -c--a-w- c:\windows\system32\dllcache\splitter.sys
2013-06-20 15:05:02 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
2013-06-20 14:04:04 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\lokale einstellungen\anwendungsdaten\Apple Computer
2013-06-20 14:03:39 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-06-20 14:03:39 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2013-06-20 14:01:30 -------- dc----w- c:\dokumente und einstellungen\all users.windows\anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2013-06-20 14:01:30 -------- d-----w- c:\programme\APPLE
2013-06-20 14:00:57 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\lokale einstellungen\anwendungsdaten\Apple
2013-06-20 12:57:18 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2013-06-20 12:57:18 -------- d-----w- c:\programme\Symantec
2013-06-20 12:57:18 -------- d-----w- c:\programme\gemeinsame dateien\Symantec Shared
2013-06-20 12:56:38 934488 ----a-r- c:\windows\system32\drivers\nis\1404000.028\SymEFA.sys
2013-06-20 12:56:38 603224 ----a-r- c:\windows\system32\drivers\nis\1404000.028\srtsp.sys
2013-06-20 12:56:38 396760 ----a-r- c:\windows\system32\drivers\nis\1404000.028\symtdi.sys
2013-06-20 12:56:38 367704 ----a-r- c:\windows\system32\drivers\nis\1404000.028\SymDS.sys
2013-06-20 12:56:38 352344 ----a-r- c:\windows\system32\drivers\nis\1404000.028\symtdiv.sys
2013-06-20 12:56:38 339544 ----a-r- c:\windows\system32\drivers\nis\1404000.028\symnets.sys
2013-06-20 12:56:38 32344 ----a-r- c:\windows\system32\drivers\nis\1404000.028\srtspx.sys
2013-06-20 12:56:38 21400 ----a-r- c:\windows\system32\drivers\nis\1404000.028\SymELAM.sys
2013-06-20 12:56:38 175264 ----a-r- c:\windows\system32\drivers\nis\1404000.028\Ironx86.sys
2013-06-20 12:56:37 134744 ----a-r- c:\windows\system32\drivers\nis\1404000.028\ccSetx86.sys
2013-06-20 12:56:11 14818 ----a-r- c:\windows\system32\drivers\nis\1404000.028\SymVTcer.dat
2013-06-20 12:56:05 -------- d-----w- c:\programme\Norton Internet Security
2013-06-20 12:55:42 -------- d-----w- c:\programme\NortonInstaller
2013-06-20 11:43:54 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\lokale einstellungen\anwendungsdaten\LogMeIn Rescue Applet
2013-06-20 10:24:27 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\anwendungsdaten\XnView
2013-06-19 23:45:31 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\anwendungsdaten\FinalMediaPlayer
2013-06-19 22:55:57 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-06-19 22:38:34 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\anwendungsdaten\NVIDIA
2013-06-19 19:02:28 -------- d-----w- c:\windows\system32\drivers\nis\1404000.028
2013-06-19 19:02:28 -------- d-----w- c:\windows\system32\drivers\NIS
2013-06-19 19:01:25 -------- dc----w- c:\dokumente und einstellungen\all users.windows\anwendungsdaten\PCSettings
2013-06-19 17:21:00 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\anwendungsdaten\nView_Wallpaper
2013-06-19 16:47:46 -------- dc----w- c:\dokumente und einstellungen\all users.windows\anwendungsdaten\NortonInstaller
2013-06-19 16:32:57 877376 ----a-w- c:\windows\system32\nvgenco32.dll
2013-06-19 16:13:26 -------- dcsh--w- c:\dokumente und einstellungen\tom.frank-b\IECompatCache
2013-06-19 16:08:49 -------- dcsh--w- c:\dokumente und einstellungen\tom.frank-b\PrivacIE
2013-06-19 16:05:33 -------- dcsh--w- c:\dokumente und einstellungen\tom.frank-b\IETldCache
2013-06-19 16:00:59 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2013-06-19 15:59:02 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2013-06-19 15:59:01 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2013-06-19 15:59:01 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2013-06-19 14:22:51 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\lokale einstellungen\anwendungsdaten\NPE
2013-06-19 14:21:01 -------- dc----w- c:\dokumente und einstellungen\all users.windows\anwendungsdaten\Norton
2013-06-19 10:56:26 445952 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dll
2013-06-19 10:56:26 3698584 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dat
2013-06-19 10:56:25 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2013-06-19 10:56:25 59904 -c--a-w- c:\windows\system32\dllcache\icardie.dll
2013-06-19 10:56:25 2005504 -c----w- c:\windows\system32\dllcache\iertutil.dll
2013-06-19 10:56:24 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2013-06-19 10:56:21 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2013-06-19 10:56:20 11112960 -c----w- c:\windows\system32\dllcache\ieframe.dll
2013-06-19 10:40:11 -------- dc-h--w- c:\dokumente und einstellungen\all users.windows\anwendungsdaten\Common Files
2013-06-19 10:38:28 29024 ----a-w- c:\windows\system32\uxtuneup.dll
2013-06-19 10:34:41 31584 ----a-w- c:\windows\system32\TURegOpt.exe
2013-06-19 10:32:12 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\anwendungsdaten\TuneUp Software
2013-06-19 10:30:50 -------- dc----w- c:\dokumente und einstellungen\all users.windows\anwendungsdaten\TuneUp Software
2013-06-19 10:29:01 -------- dcsh--w- c:\dokumente und einstellungen\all users.windows\anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-06-19 10:04:43 -------- dc----w- c:\dokumente und einstellungen\all users.windows\anwendungsdaten\NVIDIA Corporation
2013-06-19 10:01:55 65536 ----a-w- c:\windows\system32\OpenCL.dll
2013-06-19 10:01:49 1072544 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-06-19 10:01:48 1072544 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-06-19 10:01:48 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-06-19 10:01:07 5967872 ----a-w- c:\windows\system32\nvopencl.dll
2013-06-19 10:01:04 19189760 ----a-w- c:\windows\system32\nvoglnt.dll
2013-06-19 10:01:03 892704 ----a-w- c:\windows\system32\nvdispgenco32.dll
2013-06-19 10:01:02 7536640 ----a-w- c:\windows\system32\nvcuda.dll
2013-06-19 10:01:02 2581792 ----a-w- c:\windows\system32\nvcuvid.dll
2013-06-19 10:01:02 1869088 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-06-19 10:01:02 1010464 ----a-w- c:\windows\system32\nvdispco32.dll
2013-06-19 10:00:47 2389504 ----a-w- c:\windows\system32\nvapi.dll
2013-06-19 10:00:47 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-06-19 10:00:46 4494336 -c--a-w- c:\windows\system32\dllcache\nv4_disp.dll
2013-06-19 10:00:46 4494336 ----a-w- c:\windows\system32\nv4_disp.dll
2013-06-19 10:00:46 12648960 -c--a-w- c:\windows\system32\dllcache\nv4_mini.sys
2013-06-19 10:00:46 12648960 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-06-19 01:18:55 273024 -c----w- c:\windows\system32\dllcache\bthport.sys
2013-06-19 01:18:55 273024 ------w- c:\windows\system32\drivers\bthport.sys
2013-06-19 01:18:19 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2013-06-19 01:15:27 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2013-06-19 01:14:17 293376 ------w- c:\windows\system32\browserchoice.exe
2013-06-19 01:12:24 -------- dcsh--w- c:\dokumente und einstellungen\tom.frank-b\UserData
2013-06-19 01:11:34 -------- dc----w- c:\dokumente und einstellungen\tom.frank-b\lokale einstellungen\anwendungsdaten\Identities
2013-06-19 01:10:12 2152448 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2013-06-19 01:10:12 2031104 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2013-06-19 01:10:11 2195840 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2013-06-19 01:10:10 2072448 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2013-06-19 01:08:39 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2013-06-19 01:08:39 3072 ------w- c:\windows\system32\iacenc.dll
2013-06-19 01:00:30 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2013-06-19 00:45:10 41600 -c--a-w- c:\windows\system32\dllcache\weitekp9.dll
2013-06-19 00:44:59 21896 -c--a-w- c:\windows\system32\dllcache\tdipx.sys
2013-06-19 00:43:59 65536 -c--a-w- c:\windows\system32\dllcache\EXCH_mailmsg.dll
2013-06-19 00:42:59 6656 -c--a-w- c:\windows\system32\dllcache\c_is2022.dll
2013-06-19 00:39:35 -------- dcsh--w- c:\dokumente und einstellungen\all users.windows\DRM
2013-06-19 00:37:54 565760 -c--a-w- c:\windows\system32\dllcache\msobmain.dll
2013-06-19 00:35:49 33792 ----a-w- c:\programme\messenger\custsat.dll
2013-06-18 21:41:41 83968 ----a-w- c:\programme\messenger\msgsc.dll
2013-06-18 21:41:41 180224 ----a-w- c:\programme\messenger\msgslang.dll
2013-06-18 21:41:41 1695232 ------w- c:\programme\messenger\msmsgs.exe
2013-06-18 21:41:40 -------- d-----w- c:\programme\Messenger
2013-06-18 16:57:09 -------- dc----w- C:\$WIN_NT$.~BT
2013-06-18 16:57:01 -------- d-----w- c:\windows\setup.pss
2013-06-18 16:56:38 -------- d-----w- c:\windows\setupupd
2013-06-11 13:59:37 -------- d-----w- c:\programme\iPod
2013-06-11 13:58:51 -------- d-----w- c:\programme\iTunes
.
==================== Find3M ====================
.
2013-05-07 22:28:27 920064 ----a-w- c:\windows\system32\wininet.dll
2013-05-07 22:28:26 43520 ------w- c:\windows\system32\licmgr10.dll
2013-05-07 22:28:26 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-05-07 21:53:29 385024 ------w- c:\windows\system32\html.iec
2013-05-03 05:39:13 2195840 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 05:39:13 2072448 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-01 01:59:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2013-05-01 01:59:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
2013-04-12 14:00:54 1876480 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 13:20:25,62 ===============
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-04 13:29:16
-----------------------------
13:29:16.250 OS Version: Windows 5.1.2600 Service Pack 3
13:29:16.250 Number of processors: 1 586 0x209
13:29:16.250 ComputerName: FRANK-B UserName: Tom
13:29:19.625 Initialize success
13:33:37.890 AVAST engine defs: 13070400
13:33:47.953 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
13:33:47.953 Disk 0 Vendor: ST380020A 3.34 Size: 76319MB BusType: 3
13:33:47.968 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
13:33:47.968 Disk 1 Vendor: WDC_WD1600BB-00GUA0 08.02D08 Size: 152627MB BusType: 3
13:33:48.453 Disk 0 MBR read successfully
13:33:48.453 Disk 0 MBR scan
13:33:48.453 Disk 0 Windows XP default MBR code
13:33:48.453 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
13:33:48.468 Disk 0 scanning sectors +156280320
13:33:48.734 Disk 0 scanning C:\WINDOWS\system32\drivers
13:34:03.187 Service scanning
13:34:54.343 Modules scanning
13:35:16.359 Disk 0 trace - called modules:
13:35:16.390 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys viaide.sys PCIIDEX.SYS
13:35:16.390 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89b75ab8]
13:35:16.390 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000067[0x89bc3f18]
13:35:16.390 5 ACPI.sys[f75ad620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x89be1d98]
13:35:16.859 AVAST engine scan C:\WINDOWS
13:35:29.875 AVAST engine scan C:\WINDOWS\system32
13:39:59.484 AVAST engine scan C:\WINDOWS\system32\drivers
13:40:19.796 AVAST engine scan C:\Dokumente und Einstellungen\Tom.FRANK-B
13:41:38.765 Disk 0 MBR has been saved successfully to "\\Frank-a\unsere dokumente\Schriftstücke\Spybot\MBR.dat"
13:41:38.781 The log file has been saved successfully to "\\Frank-a\unsere dokumente\Schriftstücke\Spybot\aswMBR.txt"
:welcome:
uProxyServer = localhost:21320 <--Did you set this proxy server ? Is this a company computer ?
thomas frank mas
2013-07-05, 12:10
Hi!
Sorry I do not know anything about proxy. I have not set one. This is a private computer, it is in a net with an other one.
Good Morning,
Lets do this
Please download Malwarebytes Anti-Malware (http://www.malwarebytes.org/mbam-download.php) to your desktop.
Right-click and Run as Administrator mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan as shown below.
http://i1224.photobucket.com/albums/ee380/jeffce74/MBAM-2.jpg
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
OTL by OldTimer
Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Click the "Scan All Users" checkbox.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
thomas frank mas
2013-07-05, 16:42
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.07.05.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Tom :: FRANK-B [Administrator]
Schutz: Aktiviert
05.07.2013 15:24:44
mbam-log-2013-07-05 (15-24-44).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 406304
Laufzeit: 37 Minute(n), 21 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
thomas frank mas
2013-07-05, 16:43
OTL Extras logfile created on: 05.07.2013 16:21:50 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,97 Gb Available Physical Memory | 48,53% Memory free
3,85 Gb Paging File | 2,98 Gb Available in Paging File | 77,46% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 43,71 Gb Free Space | 58,65% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 43,00 Gb Free Space | 28,85% Space Free | Partition Type: NTFS
Computer Name: FRANK-B | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft\Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft\Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Programme\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [Betrachten mit XnView] -- "C:\Programme\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5985:TCP" = 5985:TCP:*:Disabled:Windows-Remoteverwaltung
"80:TCP" = 80:TCP:*:Disabled:Windows-Remoteverwaltung - Kompatibilitätsmodus (HTTP eingehend)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Dienst "Bonjour" -- (Apple Inc.)
"C:\Programme\File Type Assistant\tsassist.exe" = C:\Programme\File Type Assistant\tsassist.exe:*:Enabled:ProgramUpdateCheck -- (Trusted Software ApS)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programme\Applian Technologies\Freecorder 8 Applications\Torrent\aria2c.exe" = C:\Programme\Applian Technologies\Freecorder 8 Applications\Torrent\aria2c.exe:*:Enabled:Freecorder 8 Applications Torrent Module -- ()
"C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDTray.exe" = C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Programme\APPLE\iTunes.exe" = C:\Programme\APPLE\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0A844D8F-A965-11E2-9E77-B8AC6F98CCE3}" = Google Earth
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{69F962F7-3761-4704-9E4B-24FF10F77111}" = MagicTune Premium
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90260407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"C-Media Audio Driver" = C-Media WDM Audio Driver
"Cyberduck" = Cyberduck 4.1.2 (8999)
"DivX Setup" = DivX-Setup
"ERUNT_is1" = ERUNT 1.1j
"FinalMediaPlayer_is1" = Final Media Player 2012
"Free Studio_is1" = Free Studio version 2013
"Freecorder 8 Applications" = Freecorder 8 Applications (8.0.0.96)
"Freecorder extension" = Freecorder extension
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NIS" = Norton Internet Security
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"sp6" = Logitech SetPoint 6.52
"Trusted Software Assistant_is1" = File Type Assistant
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 27.06.2013 19:08:42 | Computer Name = FRANK-B | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 1180947459.
Error - 27.06.2013 19:08:44 | Computer Name = FRANK-B | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 1180947459.
Error - 27.06.2013 20:10:44 | Computer Name = FRANK-B | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung rundll32.exe, Version 5.1.2600.5512, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 27.06.2013 20:10:57 | Computer Name = FRANK-B | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 734562961.
Error - 29.06.2013 06:25:13 | Computer Name = FRANK-B | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iTunes.exe, Version 11.0.4.4, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 29.06.2013 06:25:20 | Computer Name = FRANK-B | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich -664088378.
Error - 29.06.2013 06:30:30 | Computer Name = FRANK-B | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 29.06.2013 06:31:39 | Computer Name = FRANK-B | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 29.06.2013 06:31:40 | Computer Name = FRANK-B | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 1180947459.
Error - 29.06.2013 06:31:45 | Computer Name = FRANK-B | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 1180947459.
[ System Events ]
Error - 02.07.2013 08:16:02 | Computer Name = FRANK-B | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 02.07.2013 08:20:42 | Computer Name = FRANK-B | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "WSearch"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 03.07.2013 08:21:30 | Computer Name = FRANK-B | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "WSearch"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 03.07.2013 08:22:01 | Computer Name = FRANK-B | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Spybot-S&D
2 Security Center Service.
Error - 03.07.2013 08:22:01 | Computer Name = FRANK-B | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 03.07.2013 08:22:02 | Computer Name = FRANK-B | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "WSearch"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 03.07.2013 08:27:03 | Computer Name = FRANK-B | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "WSearch"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 04.07.2013 06:09:54 | Computer Name = FRANK-B | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "WSearch"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 04.07.2013 06:10:35 | Computer Name = FRANK-B | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Spybot-S&D
2 Security Center Service.
Error - 04.07.2013 06:10:35 | Computer Name = FRANK-B | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
< End of report >
thomas frank mas
2013-07-05, 17:32
OTL logfile created on: 05.07.2013 16:21:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,97 Gb Available Physical Memory | 48,53% Memory free
3,85 Gb Paging File | 2,98 Gb Available in Paging File | 77,46% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 43,71 Gb Free Space | 58,65% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 43,00 Gb Free Space | 28,85% Space Free | Partition Type: NTFS
Computer Name: FRANK-B | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\APPLE\iTunesHelper.exe (Apple Inc.)
PRC - C:\Programme\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
PRC - C:\Programme\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Logishrd\KHAL3\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Programme\Freecorder extension\BackgroundHost.exe ()
PRC - c:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
PRC - C:\Programme\MagicTune Premium\MagicTune.exe (SEC)
PRC - C:\Programme\MagicTune Premium\GammaTray.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\Freecorder extension\BackgroundHost.exe ()
MOD - C:\Programme\Freecorder extension\ButtonSite.dll ()
MOD - C:\Programme\Freecorder extension\RegistryHelper.dll ()
MOD - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\sqlite3.dll ()
MOD - C:\Programme\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll ()
MOD - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\av\BDSmartDB.dll ()
MOD - C:\Programme\MagicTune Premium\MTResGer.dll ()
MOD - C:\Programme\MagicTune Premium\HzZone.dll ()
MOD - C:\Programme\MagicTune Premium\Highlight.dll ()
MOD - C:\Programme\MagicTune Premium\DProfile.dll ()
MOD - C:\Programme\MagicTune Premium\EProfile.dll ()
MOD - C:\Programme\MagicTune Premium\VESADll.dll ()
MOD - C:\Programme\MagicTune Premium\IProfile.dll ()
MOD - C:\Programme\MagicTune Premium\DeviceInterface.dll ()
MOD - c:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll ()
MOD - c:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll ()
MOD - \\?\C:\Programme\Safer Networking\Spybot - Search & Destroy 2\av\avxdisk.dll ()
MOD - C:\Programme\MagicTune Premium\GammaTray.exe ()
========== Services (SafeList) ==========
SRV - (SDWSCService) -- C:\Programme\Safer Networking\Spybot File not found
SRV - (SDUpdateService) -- C:\Programme\Safer Networking\Spybot File not found
SRV - (SDScannerService) -- C:\Programme\Safer Networking\Spybot File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (NIS) -- C:\Programme\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (Symantec Corporation)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (LBTServ) -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (Apple Mobile Device) -- c:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (mbr) -- C:\DOKUME~1\TOM~1.FRA\LOKALE~1\Temp\mbr.sys File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (aswMBR) -- C:\DOKUME~1\TOM~1.FRA\LOKALE~1\Temp\aswMBR.sys File not found
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (IDSxpx86) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130704.001\IDSXpx86.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130705.002\NAVEX15.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130705.002\NAVENG.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\SymEFA.sys (Symantec Corporation)
DRV - (SymDS) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\SymDS.sys (Symantec Corporation)
DRV - (BHDrvx86) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130702.001\BHDrvx86.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\srtsp.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\symtdi.sys (Symantec Corporation)
DRV - (ccSet_NIS) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\ccSetx86.sys (Symantec Corporation)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\Ironx86.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\srtspx.sys (Symantec Corporation)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LUsbFilt) -- C:\WINDOWS\system32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LBeepKE) -- C:\WINDOWS\system32\drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (cpuz135) -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys (CPUID)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (MagicTune) -- C:\WINDOWS\system32\drivers\MTiCtwl.sys (Samsung Electronics, Inc. )
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (VIAudio) -- C:\WINDOWS\system32\drivers\ac97via.sys (VIA Technologies, Inc.)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {7A9335EE-C65E-4F2D-A40D-BE16B14FC07F}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{7A9335EE-C65E-4F2D-A40D-BE16B14FC07F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1614895754-1958367476-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.upc.at/
IE - HKU\S-1-5-21-1614895754-1958367476-1417001333-1003\..\SearchScopes,DefaultScope = {7A9335EE-C65E-4F2D-A40D-BE16B14FC07F}
IE - HKU\S-1-5-21-1614895754-1958367476-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1614895754-1958367476-1417001333-1003\..\SearchScopes\{7A9335EE-C65E-4F2D-A40D-BE16B14FC07F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7WQIB_deAT541
IE - HKU\S-1-5-21-1614895754-1958367476-1417001333-1003\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=sb&qsrc=2869
IE - HKU\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\APPLE\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFFPlgn\ [2013.06.20 15:02:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\ [2013.07.04 12:12:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.06.22 21:33:03 | 000,000,000 | ---D | M]
[2013.03.28 00:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
O1 HOSTS File: ([2013.07.03 00:31:31 | 000,449,428 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15430 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Freecorder extension) - {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} - C:\Programme\Freecorder extension\ScriptHost.dll (Applian Technologies Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1614895754-1958367476-1417001333-1003\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] c:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [DivXMediaServer] C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EvtMgr6] C:\Programme\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Programme\APPLE\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MagicTuneLauncher] C:\Programme\MagicTune Premium\MagicTuneLauncher.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SDTray] C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\GammaTray.lnk = C:\Programme\MagicTune Premium\GammaTray.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-1958367476-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1371604349625 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D6775AE-C5DE-4202-A172-E809EB93E068}: DhcpNameServer = 212.186.211.21 195.34.133.21
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\GEMEIN~1\JAKSTA~1\AUDIOC~1\jaudcap.dll) - C:\Programme\Gemeinsame Dateien\Jaksta Technologies\Audio Capture\jaudcap.dll (Jaksta Technologies Pty Ltd)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O27 - HKLM IFEO\connect.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\finalmediaplayer.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\presentationhost.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\setpoint.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\softwareupdate.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\unins000.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
thomas frank mas
2013-07-05, 17:39
[2013.06.20 00:38:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\NVIDIA
[2013.06.19 21:02:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS
[2013.06.19 21:02:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS\1404000.028
[2013.06.19 21:01:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\PCSettings
[2013.06.19 19:21:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\nView_Wallpaper
[2013.06.19 18:47:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\NortonInstaller
[2013.06.19 18:32:57 | 000,877,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco32.dll
[2013.06.19 18:13:26 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\IECompatCache
[2013.06.19 18:08:49 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\PrivacIE
[2013.06.19 18:07:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Windows Genuine Advantage
[2013.06.19 18:05:33 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\IETldCache
[2013.06.19 18:00:59 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013.06.19 17:59:01 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013.06.19 16:22:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\NPE
[2013.06.19 16:21:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü\Programme\Norton
[2013.06.19 16:21:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Norton
[2013.06.19 16:21:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton
[2013.06.19 12:56:26 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2013.06.19 12:56:26 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2013.06.19 12:56:26 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2013.06.19 12:56:25 | 002,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013.06.19 12:56:25 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013.06.19 12:56:25 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2013.06.19 12:56:24 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013.06.19 12:56:21 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2013.06.19 12:56:20 | 011,112,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013.06.19 12:40:11 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Common Files
[2013.06.19 12:38:28 | 000,029,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2013.06.19 12:34:41 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2013.06.19 12:34:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\TuneUp Utilities 2012
[2013.06.19 12:32:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\TuneUp Software
[2013.06.19 12:30:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\TuneUp Software
[2013.06.19 12:29:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2013.06.19 12:04:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\NVIDIA Corporation
[2013.06.19 12:04:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\NVIDIA
[2013.06.19 12:01:55 | 000,065,536 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2013.06.19 12:01:07 | 005,967,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvopencl.dll
[2013.06.19 12:01:04 | 019,189,760 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2013.06.19 12:01:03 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispgenco32.dll
[2013.06.19 12:01:02 | 007,536,640 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2013.06.19 12:01:02 | 002,581,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2013.06.19 12:01:02 | 001,869,088 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2013.06.19 12:01:02 | 001,010,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll
[2013.06.19 12:00:47 | 017,551,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2013.06.19 12:00:47 | 002,389,504 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2013.06.19 12:00:46 | 012,648,960 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2013.06.19 12:00:46 | 004,494,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2013.06.19 12:00:46 | 004,494,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_disp.dll
[2013.06.19 03:18:55 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2013.06.19 03:18:19 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2013.06.19 03:15:27 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013.06.19 03:14:17 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2013.06.19 03:12:24 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\UserData
[2013.06.19 03:11:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\Identities
[2013.06.19 03:10:12 | 002,152,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013.06.19 03:10:12 | 002,031,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013.06.19 03:10:11 | 002,195,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013.06.19 03:10:10 | 002,072,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2013.06.19 03:00:30 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2013.06.19 02:56:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Identities
[2013.06.19 02:54:58 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien\Eigene Musik
[2013.06.19 02:54:56 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien
[2013.06.19 02:54:56 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien\Eigene Bilder
[2013.06.19 02:54:44 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Microsoft
[2013.06.19 02:54:44 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\SendTo
[2013.06.19 02:54:44 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Recent
[2013.06.19 02:54:44 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten
[2013.06.19 02:54:44 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü\Programme\Zubehör
[2013.06.19 02:54:44 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü
[2013.06.19 02:54:44 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Favoriten
[2013.06.19 02:54:44 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü\Programme\Autostart
[2013.06.19 02:54:44 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Cookies
[2013.06.19 02:54:44 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Vorlagen
[2013.06.19 02:54:44 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Netzwerkumgebung
[2013.06.19 02:54:44 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen
[2013.06.19 02:54:44 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Druckumgebung
[2013.06.19 02:54:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2013.06.19 02:54:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop
[2013.06.19 02:45:14 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2013.06.19 02:45:13 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2013.06.19 02:45:13 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2013.06.19 02:45:12 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2013.06.19 02:45:11 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2013.06.19 02:45:10 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2013.06.19 02:45:10 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2013.06.19 02:45:10 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2013.06.19 02:45:09 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2013.06.19 02:45:08 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2013.06.19 02:45:08 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2013.06.19 02:45:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2013.06.19 02:45:08 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2013.06.19 02:45:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2013.06.19 02:45:07 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2013.06.19 02:45:07 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2013.06.19 02:45:07 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2013.06.19 02:45:06 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2013.06.19 02:45:03 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2013.06.19 02:45:03 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2013.06.19 02:45:03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2013.06.19 02:45:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2013.06.19 02:45:01 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2013.06.19 02:45:00 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2013.06.19 02:45:00 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2013.06.19 02:45:00 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2013.06.19 02:45:00 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2013.06.19 02:45:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2013.06.19 02:44:59 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2013.06.19 02:44:59 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2013.06.19 02:44:59 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2013.06.19 02:44:56 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2013.06.19 02:44:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2013.06.19 02:44:55 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2013.06.19 02:44:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2013.06.19 02:44:54 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2013.06.19 02:44:53 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2013.06.19 02:44:52 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2013.06.19 02:44:52 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2013.06.19 02:44:52 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2013.06.19 02:44:52 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2013.06.19 02:44:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2013.06.19 02:44:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2013.06.19 02:44:51 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2013.06.19 02:44:51 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2013.06.19 02:44:51 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2013.06.19 02:44:51 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2013.06.19 02:44:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2013.06.19 02:44:50 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2013.06.19 02:44:49 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2013.06.19 02:44:49 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2013.06.19 02:44:49 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2013.06.19 02:44:49 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2013.06.19 02:44:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2013.06.19 02:44:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2013.06.19 02:44:49 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2013.06.19 02:44:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2013.06.19 02:44:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2013.06.19 02:44:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2013.06.19 02:44:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2013.06.19 02:44:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2013.06.19 02:44:48 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2013.06.19 02:44:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2013.06.19 02:44:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2013.06.19 02:44:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2013.06.19 02:44:48 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2013.06.19 02:44:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2013.06.19 02:44:43 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2013.06.19 02:44:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2013.06.19 02:44:41 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2013.06.19 02:44:40 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013.06.19 02:44:40 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013.06.19 02:44:40 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2013.06.19 02:44:40 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2013.06.19 02:44:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2013.06.19 02:44:39 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2013.06.19 02:44:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2013.06.19 02:44:38 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2013.06.19 02:44:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2013.06.19 02:44:35 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2013.06.19 02:44:35 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2013.06.19 02:44:35 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2013.06.19 02:44:35 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2013.06.19 02:44:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2013.06.19 02:44:32 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2013.06.19 02:44:32 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2013.06.19 02:44:32 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2013.06.19 02:44:32 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2013.06.19 02:44:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2013.06.19 02:44:31 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2013.06.19 02:44:31 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2013.06.19 02:44:31 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2013.06.19 02:44:31 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2013.06.19 02:44:30 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2013.06.19 02:44:29 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2013.06.19 02:44:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2013.06.19 02:44:29 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2013.06.19 02:44:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2013.06.19 02:44:26 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2013.06.19 02:44:24 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2013.06.19 02:44:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2013.06.19 02:44:19 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2013.06.19 02:44:19 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2013.06.19 02:44:14 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2013.06.19 02:44:14 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2013.06.19 02:44:14 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2013.06.19 02:44:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2013.06.19 02:44:01 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2013.06.19 02:44:01 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2013.06.19 02:44:01 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2013.06.19 02:44:00 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2013.06.19 02:44:00 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2013.06.19 02:43:59 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2013.06.19 02:43:58 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2013.06.19 02:43:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2013.06.19 02:43:57 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2013.06.19 02:43:57 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2013.06.19 02:43:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2013.06.19 02:43:56 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2013.06.19 02:43:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2013.06.19 02:43:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2013.06.19 02:43:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2013.06.19 02:43:54 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2013.06.19 02:43:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2013.06.19 02:43:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2013.06.19 02:43:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2013.06.19 02:43:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2013.06.19 02:43:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2013.06.19 02:43:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2013.06.19 02:43:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2013.06.19 02:43:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2013.06.19 02:43:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2013.06.19 02:43:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2013.06.19 02:43:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2013.06.19 02:43:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2013.06.19 02:43:51 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2013.06.19 02:43:51 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2013.06.19 02:43:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2013.06.19 02:43:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2013.06.19 02:43:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2013.06.19 02:43:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2013.06.19 02:43:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2013.06.19 02:43:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2013.06.19 02:43:50 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2013.06.19 02:43:50 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2013.06.19 02:43:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2013.06.19 02:43:47 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2013.06.19 02:43:47 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2013.06.19 02:43:47 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2013.06.19 02:43:47 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2013.06.19 02:43:47 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2013.06.19 02:43:46 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2013.06.19 02:43:46 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2013.06.19 02:43:46 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2013.06.19 02:43:46 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2013.06.19 02:43:46 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2013.06.19 02:43:46 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2013.06.19 02:43:46 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2013.06.19 02:43:45 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2013.06.19 02:43:45 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2013.06.19 02:43:45 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2013.06.19 02:43:45 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2013.06.19 02:43:45 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2013.06.19 02:43:45 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2013.06.19 02:43:45 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2013.06.19 02:43:44 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2013.06.19 02:43:44 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2013.06.19 02:43:44 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2013.06.19 02:43:44 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2013.06.19 02:43:44 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2013.06.19 02:43:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2013.06.19 02:43:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2013.06.19 02:43:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2013.06.19 02:43:43 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2013.06.19 02:43:43 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2013.06.19 02:43:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2013.06.19 02:43:43 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2013.06.19 02:43:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2013.06.19 02:43:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2013.06.19 02:43:43 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2013.06.19 02:43:38 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2013.06.19 02:43:32 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2013.06.19 02:43:31 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2013.06.19 02:43:31 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2013.06.19 02:43:31 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2013.06.19 02:43:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2013.06.19 02:43:30 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2013.06.19 02:43:29 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2013.06.19 02:43:27 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2013.06.19 02:43:27 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2013.06.19 02:43:27 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2013.06.19 02:43:27 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2013.06.19 02:43:27 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2013.06.19 02:43:27 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2013.06.19 02:43:27 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2013.06.19 02:43:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2013.06.19 02:43:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2013.06.19 02:43:26 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2013.06.19 02:43:26 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2013.06.19 02:43:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2013.06.19 02:43:26 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2013.06.19 02:43:26 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2013.06.19 02:43:26 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2013.06.19 02:43:26 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2013.06.19 02:43:26 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2013.06.19 02:43:26 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2013.06.19 02:43:26 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2013.06.19 02:43:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2013.06.19 02:43:25 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2013.06.19 02:43:25 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2013.06.19 02:43:25 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2013.06.19 02:43:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2013.06.19 02:43:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2013.06.19 02:43:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2013.06.19 02:43:24 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2013.06.19 02:43:24 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2013.06.19 02:43:23 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2013.06.19 02:43:23 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2013.06.19 02:43:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2013.06.19 02:43:22 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
n.dll
thomas frank mas
2013-07-05, 17:42
[2013.06.19 02:43:22 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2013.06.19 02:43:22 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2013.06.19 02:43:22 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2013.06.19 02:43:21 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2013.06.19 02:43:21 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2013.06.19 02:43:21 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2013.06.19 02:43:21 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2013.06.19 02:43:20 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2013.06.19 02:43:11 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2013.06.19 02:43:11 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2013.06.19 02:43:07 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2013.06.19 02:43:07 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2013.06.19 02:43:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2013.06.19 02:43:07 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2013.06.19 02:43:07 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2013.06.19 02:43:06 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2013.06.19 02:43:03 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2013.06.19 02:43:03 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2013.06.19 02:43:02 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2013.06.19 02:43:02 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2013.06.19 02:43:02 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2013.06.19 02:43:01 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2013.06.19 02:43:01 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2013.06.19 02:43:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2013.06.19 02:43:01 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2013.06.19 02:43:01 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2013.06.19 02:43:00 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2013.06.19 02:43:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2013.06.19 02:42:59 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2013.06.19 02:42:59 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013.06.19 02:42:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2013.06.19 02:42:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2013.06.19 02:42:52 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2013.06.19 02:42:50 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2013.06.19 02:42:49 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2013.06.19 02:42:49 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2013.06.19 02:42:49 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2013.06.19 02:42:49 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2013.06.19 02:42:48 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2013.06.19 02:42:48 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2013.06.19 02:42:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2013.06.19 02:42:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2013.06.19 02:42:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2013.06.19 02:42:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2013.06.19 02:42:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2013.06.19 02:42:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2013.06.19 02:42:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2013.06.19 02:42:44 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2013.06.19 02:42:44 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2013.06.19 02:42:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2013.06.19 02:42:39 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2013.06.19 02:42:38 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2013.06.19 02:42:38 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2013.06.19 02:42:38 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2013.06.19 02:42:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2013.06.19 02:42:38 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2013.06.19 02:42:36 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2013.06.19 02:42:36 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2013.06.19 02:42:27 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2013.06.19 02:42:27 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2013.06.19 02:42:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2013.06.19 02:42:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2013.06.19 02:42:26 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2013.06.19 02:42:26 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2013.06.19 02:42:26 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2013.06.19 02:42:26 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2013.06.19 02:42:26 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2013.06.19 02:42:26 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2013.06.19 02:42:26 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2013.06.19 02:42:26 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2013.06.19 02:42:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2013.06.19 02:42:25 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2013.06.19 02:42:25 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2013.06.19 02:42:25 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2013.06.19 02:42:25 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2013.06.19 02:42:25 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2013.06.19 02:42:25 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2013.06.19 02:42:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2013.06.19 02:42:24 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2013.06.19 02:42:24 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2013.06.19 02:42:24 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2013.06.19 02:42:24 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2013.06.19 02:42:24 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2013.06.19 02:42:24 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2013.06.19 02:42:24 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2013.06.19 02:42:24 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2013.06.19 02:42:24 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2013.06.19 02:42:23 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2013.06.19 02:42:23 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2013.06.19 02:42:23 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2013.06.19 02:42:23 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2013.06.19 02:42:22 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2013.06.19 02:42:22 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2013.06.19 02:42:22 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2013.06.19 02:42:22 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2013.06.19 02:42:22 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2013.06.19 02:42:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2013.06.19 02:42:21 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2013.06.19 02:42:21 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2013.06.19 02:41:00 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2013.06.19 02:39:35 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\DRM
[2013.06.19 02:38:20 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2013.06.19 02:38:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2013.06.19 02:38:20 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2013.06.19 02:38:20 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2013.06.19 02:38:20 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2013.06.19 02:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2013.06.19 02:38:13 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2013.06.19 02:38:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2013.06.19 02:38:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2013.06.19 02:38:12 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2013.06.19 02:38:12 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2013.06.19 02:38:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2013.06.19 02:38:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2013.06.19 02:38:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2013.06.19 02:38:10 | 000,727,614 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2013.06.19 02:38:10 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2013.06.19 02:38:09 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2013.06.19 02:38:08 | 000,329,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2013.06.19 02:38:08 | 000,210,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2013.06.19 02:38:08 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2013.06.19 02:38:08 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2013.06.19 02:38:08 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2013.06.19 02:38:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2013.06.19 02:38:07 | 001,135,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2013.06.19 02:38:07 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2013.06.19 02:38:07 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2013.06.19 02:38:07 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2013.06.19 02:38:07 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2013.06.19 02:38:07 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2013.06.19 02:38:07 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2013.06.19 02:38:07 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2013.06.19 02:38:07 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2013.06.19 02:38:07 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2013.06.19 02:38:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2013.06.19 02:38:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2013.06.19 02:38:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2013.06.19 02:38:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2013.06.19 02:37:54 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2013.06.19 02:37:54 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2013.06.19 02:37:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2013.06.19 02:37:54 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2013.06.19 02:37:54 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2013.06.19 02:37:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2013.06.19 02:37:53 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2013.06.19 02:37:50 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2013.06.19 02:37:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2013.06.19 02:37:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2013.06.19 02:37:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2013.06.19 02:37:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2013.06.19 02:37:49 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2013.06.19 02:37:49 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2013.06.19 02:37:48 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2013.06.19 02:37:48 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2013.06.19 02:37:48 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2013.06.19 02:37:47 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2013.06.19 02:37:47 | 000,385,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2013.06.19 02:37:47 | 000,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2013.06.19 02:37:47 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2013.06.19 02:37:47 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2013.06.19 02:37:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2013.06.19 02:37:46 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2013.06.19 02:37:46 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2013.06.19 02:37:46 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2013.06.19 02:37:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2013.06.19 02:37:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2013.06.19 02:37:46 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2013.06.19 02:37:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2013.06.19 02:37:46 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2013.06.19 02:37:46 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2013.06.19 02:37:46 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2013.06.19 02:37:46 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2013.06.19 02:37:45 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2013.06.19 02:37:45 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2013.06.19 02:37:45 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2013.06.19 02:37:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2013.06.19 02:37:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2013.06.19 02:37:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2013.06.19 02:37:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2013.06.19 02:37:45 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2013.06.19 02:37:45 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2013.06.19 02:37:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2013.06.19 02:37:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2013.06.19 02:37:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2013.06.19 02:37:44 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2013.06.19 02:37:44 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2013.06.19 02:37:44 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2013.06.19 02:37:44 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2013.06.19 02:37:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2013.06.19 02:37:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2013.06.19 02:37:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2013.06.19 02:37:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2013.06.19 02:37:44 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2013.06.19 02:37:44 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2013.06.19 02:37:44 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2013.06.19 02:37:44 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2013.06.19 02:37:30 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Bilder
[2013.06.19 02:36:51 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Spiele
[2013.06.19 02:36:17 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Verwaltung
[2013.06.19 02:36:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Musik
[2013.06.19 02:35:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2013.06.19 02:35:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2013.06.19 02:35:42 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2013.06.19 02:35:42 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2013.06.19 02:35:42 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2013.06.19 02:35:41 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2013.06.19 02:35:41 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2013.06.19 02:35:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2013.06.19 02:35:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2013.06.19 02:35:41 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2013.06.19 02:35:41 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2013.06.19 02:35:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2013.06.19 02:35:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2013.06.19 02:35:34 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2013.06.19 02:35:34 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2013.06.19 02:35:34 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2013.06.19 02:35:34 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2013.06.19 02:35:34 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2013.06.19 02:35:34 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2013.06.19 02:35:33 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2013.06.19 02:35:33 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2013.06.19 02:35:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2013.06.19 02:35:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2013.06.19 02:35:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2013.06.19 02:35:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2013.06.19 02:35:32 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2013.06.19 02:35:32 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2013.06.19 02:35:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2013.06.19 02:35:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2013.06.19 02:35:32 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2013.06.19 02:35:32 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2013.06.19 02:35:32 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2013.06.19 02:35:32 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2013.06.19 02:35:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2013.06.19 02:35:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2013.06.19 02:35:32 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2013.06.19 02:35:32 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2013.06.19 02:35:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2013.06.19 02:35:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2013.06.19 02:35:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2013.06.19 02:35:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2013.06.19 02:35:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2013.06.19 02:35:30 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2013.06.19 02:35:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2013.06.19 02:35:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2013.06.19 02:35:27 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2013.06.19 02:35:27 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2013.06.19 02:35:27 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2013.06.19 02:35:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2013.06.19 02:35:27 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2013.06.19 02:35:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2013.06.19 02:35:26 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2013.06.19 02:35:26 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2013.06.19 02:35:26 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2013.06.19 02:35:26 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2013.06.19 02:35:26 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2013.06.19 02:35:26 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2013.06.19 02:35:26 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2013.06.19 02:35:26 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2013.06.19 02:35:25 | 000,356,352 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2013.06.19 02:35:25 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2013.06.19 02:35:25 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2013.06.19 02:35:25 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2013.06.19 02:35:25 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2013.06.19 02:35:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2013.06.19 02:35:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2013.06.19 02:35:25 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2013.06.19 02:35:25 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2013.06.19 02:35:24 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2013.06.19 02:35:24 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2013.06.19 02:35:24 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2013.06.19 02:35:24 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2013.06.19 02:35:24 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2013.06.19 02:35:24 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2013.06.19 02:35:23 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2013.06.19 02:35:23 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll
[2013.06.19 02:35:23 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2013.06.19 02:35:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll
[2013.06.19 02:35:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2013.06.19 02:35:23 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2013.06.19 02:35:23 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2013.06.19 02:35:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2013.06.19 02:35:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll
[2013.06.19 02:35:23 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2013.06.19 02:35:23 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2013.06.19 02:35:22 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2013.06.19 02:35:22 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2013.06.19 02:35:22 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2013.06.19 02:35:22 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2013.06.19 02:35:22 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2013.06.19 02:35:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2013.06.19 02:35:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2013.06.19 02:35:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2013.06.19 02:35:22 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2013.06.19 02:35:22 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2013.06.19 02:35:21 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2013.06.19 02:35:21 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2013.06.19 02:35:21 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2013.06.19 02:35:21 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2013.06.19 02:35:21 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2013.06.19 02:35:21 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2013.06.19 02:35:21 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2013.06.19 02:35:21 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2013.06.19 02:35:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2013.06.19 02:35:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2013.06.19 02:35:21 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2013.06.19 02:35:21 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2013.06.19 02:35:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2013.06.19 02:35:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2013.06.19 02:35:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2013.06.19 02:35:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2013.06.19 02:35:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2013.06.19 02:35:20 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2013.06.19 02:35:20 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2013.06.19 02:35:20 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2013.06.19 02:35:20 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2013.06.19 02:35:20 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2013.06.19 02:35:20 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2013.06.19 02:35:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2013.06.19 02:35:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2013.06.19 02:35:19 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2013.06.19 02:35:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2013.06.19 02:35:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2013.06.19 02:35:19 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2013.06.19 02:35:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2013.06.19 02:35:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2013.06.19 02:35:19 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2013.06.19 02:35:19 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2013.06.19 02:35:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2013.06.19 02:35:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2013.06.19 02:35:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2013.06.19 02:35:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddi
Hi,
Hope your doing well .
Malwarebytes looks fine, lets get rid of that proxy.
Open OTL.exe
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
:OTL
IE - HKU\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320
:Services
:Reg
:Files
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[emptytemp]
[start explorer]
[Reboot]
Then click the Run Fix button at the top. <--Not run Scan
Let the program run unhindered, reboot when it is done
Then post the results of the log it produces
Then if you can post the log that Spybot produced showing the bad entry, if you cant find it than run a few scan with Spybot and post the log please
thomas frank mas
2013-07-06, 07:00
Good morning Ken!
I run OTL now uninterrupted for six and a half hour. It showed "killing process. DO NOT INTERRUPT". now I tried to stop it. No reaction. When I entered the thread to reply I could write only the first two sentences then the cursor became hourglass. I work with two displays at that machine. I changed to the second computer in the net. Shall I restart the computer? Or what to do?
The problem is, I have to leave the location at 1200 o'clock and will return to morrow in the evening. So there will be no connection in this time.
Thak you for your efforts so far.
Tom
Tom,
You can hit CTRL...ALT...DEL on your keyboard , when Task Manager opens under Applications, highlight OTL and select End Task.
If that doesn't work than just press and hold the Power Button on your computer until it shuts down.
Something on your system is preventing OTL from working, try the same fix in Safemode
To Enter Safemode
Go to Start> Shut off your Computer> Restart
As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly,
this will bring up a menu.
Use the Up and Down Arrow Keys to scroll up to Safemode with Networking
Then press the Enter Key on your Keyboard
Tutorial if you need it How to boot into Safemode (http://www.bleepingcomputer.com/tutorials/tutorial61.html)
thomas frank mas
2013-07-07, 14:58
Hi Ken!
Thank you for your instructions how to open safemode, I luckily know that.
Following the OTL results and the log I think It was which showed the bad entry.
All processes killed
========== OTL ==========
Unable to set value : HKU\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E!
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 130045 bytes
User: All Users
User: All Users.WINDOWS
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 34346 bytes
User: LocalService.NT-AUTORITÄT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService.NT-AUTORITÄT.000
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 227875 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 129954709 bytes
User: NetworkService.NT-AUTORITÄT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
User: NetworkService.NT-AUTORITÄT.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33275 bytes
User: Tom
->Temp folder emptied: 29971923 bytes
->Temporary Internet Files folder emptied: 320820312 bytes
->Java cache emptied: 2594181 bytes
->Google Chrome cache emptied: 24042068 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 61263 bytes
User: Tom.FRANK-B
->Temp folder emptied: 114263110 bytes
->Temporary Internet Files folder emptied: 236924349 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 1507 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: UpdatusUser.FRANK-B
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 34730 bytes
->Flash cache emptied: 56466 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2352202 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 50153 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 822,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 07072013_140026
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Search results from Spybot - Search & Destroy
01.07.2013 10:34:37
Scan took 00:35:31.
59 items found.
Anchor.Hss: [SBI $5B773E15] User settings (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Conduit
Toolbar.Snap.do: [SBI $72A44D72] User settings (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\URL
Toolbar.Snap.do: [SBI $A15DF0E0] User settings (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\
Toolbar.Snap.do: [SBI $946FBA81] User settings (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1004\Software\Microsoft\Internet Explorer\Main\Search Page
Toolbar.Snap.do: [SBI $AFDBE44E] User settings (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1004\Software\Microsoft\Internet Explorer\Main\Start Page
Toolbar.Snap.do: [SBI $D834DFDE] IE Search page (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1004\Software\Microsoft\Internet Explorer\Main\Search Bar
Toolbar.Snap.do: [SBI $D834DFDE] IE Search page (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1004\Software\Microsoft\Internet Explorer\Search\SearchAssistant
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\YZR68AL8\play.snacktv.de\com.jeroenwijering.sol
Properties.size=50
Properties.md5=BFBB0324F79BB02B5ED209A14845C0FD
Properties.filedate=1372079022
Properties.filedatetext=2013-06-24 15:03:41
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\YZR68AL8\stream.pornorio.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=FCA75921AA069180DD31EBA72DE4002E
Properties.filedate=1372369876
Properties.filedatetext=2013-06-27 23:51:15
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\YZR68AL8\www.youporn-deutsch.com\com.jeroenwijering.sol
Properties.size=54
Properties.md5=4EDC01513FF43EE4EAABE871F3B3E1D6
Properties.filedate=1372458309
Properties.filedatetext=2013-06-29 00:25:09
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\YZR68AL8\www.pornme.com\tag.swf\tag.sol
Properties.size=72
Properties.md5=234A966AE1D0539630F70EE35CDB5E95
Properties.filedate=1372457531
Properties.filedatetext=2013-06-29 00:12:11
Right Media: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): Tom) (Browser: Cookie, nothing done)
Common Dialogs: [SBI $8E73A7FB] History (27 files) (Registry Key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Internet Explorer\TypedURLs
Internet Explorer: [SBI $FF589D0C] Download directory (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Internet Explorer\Download Directory
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\PE_C0_S-1-5-21-1614895754-1958367476-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Microsoft Management Console\Recent File List
MS Media Player: [SBI $8E65C0EE] Last opened playlist (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\MediaPlayer\Preferences\LastPlaylist
MS Media Player: [SBI $1BDA487B] Last selected track index (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\MediaPlayer\Preferences\LastPlaylistIndex
MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\PE_C0_S-1-5-21-1614895754-1958367476-1417001333-1004\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\DirectInput\MostRecentApplication\Name
MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\DirectInput\MostRecentApplication\Id
MS Office 11.0: [SBI $53EEAC4B] Last opened-from-web file (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Office\11.0\Common\Internet\UseRWHlinkNavigation
MS Office 11.0 (Word): [SBI $15AC27CE] Recent file list (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Office\11.0\Word\Data\Settings
MS Search Assistant: [SBI $AE0C4647] Typed search terms history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Search Assistant\ACMru
Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Windows Explorer: [SBI $A2C7B3CD] Recent wallpaper list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU
Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: [SBI $B7EBA926] Last visited history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Cookie: [SBI $49804B54] Browser: Cookie (243) (Browser: Cookie, nothing done)
Cache: [SBI $49804B54] Browser: Cache (11661) (Browser: Cache, nothing done)
Verlauf: [SBI $49804B54] Browser: History (830) (Browser: History, nothing done)
Cookie: [SBI $49804B54] Browser: Cookie (2) (Browser: Cookie, nothing done)
Cache: [SBI $49804B54] Browser: Cache (3) (Browser: Cache, nothing done)
--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---
2013-05-16 blindman.exe (2.1.18.151)
2013-05-16 explorer.exe (2.1.18.177)
2013-05-16 SDBootCD.exe (2.1.18.109)
2013-05-16 SDCleaner.exe (2.1.18.110)
2013-05-16 SDDelFile.exe (2.1.18.94)
2013-06-18 SDDisableProxy.exe
2013-05-16 SDFiles.exe (2.1.18.135)
2013-03-20 SDFileScanHelper.exe (2.1.16.1)
2013-05-16 SDFSSvc.exe (2.1.18.208)
2013-05-16 SDHookHelper.exe (2.1.18.2)
2013-05-16 SDHookInst32.exe (2.1.18.2)
2013-05-16 SDImmunize.exe (2.1.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-05-16 SDOnAccess.exe (2.1.18.4)
2013-05-16 SDPESetup.exe (2.1.18.3)
2013-05-16 SDPEStart.exe (2.1.18.86)
2013-05-16 SDPhoneScan.exe (2.1.18.28)
2013-05-16 SDPRE.exe (2.1.18.22)
2013-05-16 SDPrepPos.exe (2.1.18.10)
2013-05-16 SDQuarantine.exe (2.1.18.103)
2013-05-16 SDRootAlyzer.exe (2.1.18.116)
2013-05-16 SDSBIEdit.exe (2.1.18.39)
2013-05-16 SDScan.exe (2.1.18.177)
2013-05-16 SDScript.exe (2.1.18.53)
2013-05-16 SDSettings.exe (2.1.18.136)
2013-05-16 SDShell.exe (2.1.18.2)
2013-05-16 SDShred.exe (2.1.18.107)
2013-05-16 SDSysRepair.exe (2.1.18.101)
2013-05-16 SDTools.exe (2.1.18.150)
2013-05-16 SDTray.exe (2.1.18.127)
2013-05-16 SDUpdate.exe (2.1.18.91)
2013-05-16 SDUpdSvc.exe (2.1.18.76)
2013-05-16 SDWelcome.exe (2.1.18.129)
2013-05-15 SDWSCSvc.exe (2.1.18.2)
2013-06-29 spybotsd2-installer.exe (2.1.20.0)
2013-06-19 spybotsd2-translation-frx.exe
2013-06-29 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-05-16 SDFileScanLibrary.dll (2.1.18.12)
2013-05-16 SDHook32.dll (2.1.18.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2012-12-18 Includes\Adware.sbi (*)
2013-06-25 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2013-06-25 Includes\Keyloggers.sbi (*)
2012-12-18 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-06-25 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-06-25 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-06-19 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-06-25 Includes\TrojansC-03.sbi (*)
2013-03-14 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-04-19 Includes\TrojansC.sbi (*)
I hope it is the one, because I am not able to identify the entry.
Hi,
You have Snap.do and conduit on your Spybot scan, lets run a different program as there may be more than just what the scan picked up, also the proxy setting entry was not removed
Download ComboFix from one of these locations:
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
* IMPORTANT !!! Save ComboFix.exe to your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
See this Link (http://www.bleepingcomputer.com/forums/topic114351.html) for programs that need to be disabled and instruction on how to disable them.
Remember to re-enable them when we're done.
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
http://img.photobucket.com/albums/v706/ried7/RC1.png
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
http://img.photobucket.com/albums/v706/ried7/RC2-1.png
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
*If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.
thomas frank mas
2013-07-07, 21:25
Hi Ken!
There is the log. Hope it helps.
ComboFix 13-07-07.01 - Tom 07.07.2013 20:41:34.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2047.1176 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Tom.FRANK-B\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\Tom\WINDOWS
C:\install.exe
c:\programme\Freecorder extension\ScRIpthost.dll
c:\windows\system32\msssc.dll
D:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-06-07 bis 2013-07-07 ))))))))))))))))))))))))))))))
.
.
2013-07-07 11:35 . 2013-07-07 11:36 -------- dc----w- c:\dokumente und einstellungen\Administrator
2013-07-05 22:31 . 2013-07-05 22:31 -------- dc----w- C:\_OTL
2013-07-05 13:07 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-05 13:07 . 2013-07-05 13:07 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware
2013-07-04 11:08 . 2013-07-04 11:08 -------- d-----w- c:\programme\ERUNT
2013-06-29 16:42 . 2009-01-25 11:14 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-06-29 10:20 . 2001-08-18 02:54 5632 ----a-w- c:\windows\system32\ptpusb.dll
2013-06-29 10:20 . 2008-04-14 05:52 159232 ----a-w- c:\windows\system32\ptpusd.dll
2013-06-29 10:20 . 2008-04-13 22:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2013-06-28 18:57 . 2008-04-13 20:06 84480 -c--a-w- c:\windows\system32\dllcache\ac97via.sys
2013-06-28 18:57 . 2008-04-13 20:06 84480 ----a-w- c:\windows\system32\drivers\ac97via.sys
2013-06-28 12:56 . 2003-07-14 20:57 102968 ----a-w- c:\windows\system32\IMEKR70.IME
2013-06-28 12:56 . 2010-04-22 12:33 14336 ----a-w- c:\windows\system32\drivers\MTiCtwl.sys
2013-06-26 12:31 . 2013-06-26 12:31 -------- d-----w- c:\programme\Gemeinsame Dateien\Jaksta Technologies
2013-06-25 14:24 . 2013-06-25 14:25 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2013-06-25 13:19 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2013-06-25 13:19 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2013-06-25 13:19 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2013-06-25 13:19 . 2013-06-25 13:19 -------- dc----w- C:\ca9b08492440786b47e613
2013-06-24 11:54 . 2013-06-24 11:54 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-06-24 11:52 . 2013-01-03 08:18 12808 ----a-w- c:\windows\system32\drivers\LBeepKE.sys
2013-06-24 10:55 . 2013-06-24 10:55 159744 ----a-w- c:\programme\Internet Explorer\Plugins\npqtplugin5.dll
2013-06-24 10:55 . 2013-06-24 10:55 159744 ----a-w- c:\programme\Internet Explorer\Plugins\npqtplugin4.dll
2013-06-24 10:55 . 2013-06-24 10:55 159744 ----a-w- c:\programme\Internet Explorer\Plugins\npqtplugin3.dll
2013-06-24 10:55 . 2013-06-24 10:55 159744 ----a-w- c:\programme\Internet Explorer\Plugins\npqtplugin2.dll
2013-06-24 10:55 . 2013-06-24 10:55 159744 ----a-w- c:\programme\Internet Explorer\Plugins\npqtplugin.dll
2013-06-23 11:24 . 2012-12-13 12:50 45056 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2013-06-22 20:28 . 2003-11-10 16:14 729088 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2013-06-22 20:28 . 2003-11-10 16:13 69715 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2013-06-22 20:28 . 2003-11-10 16:12 266240 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2013-06-22 20:28 . 2003-11-10 16:12 192512 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2013-06-22 20:28 . 2003-11-10 16:11 5632 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2013-06-22 20:28 . 2013-06-22 20:28 188548 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2013-06-22 20:28 . 2013-06-22 20:28 311428 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2013-06-22 20:27 . 2013-01-03 08:17 22664 ----a-w- c:\windows\system32\drivers\L8042Kbd.sys
2013-06-22 20:26 . 2005-04-03 21:02 753664 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2013-06-22 20:26 . 2005-04-03 21:02 69714 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2013-06-22 20:26 . 2005-04-03 21:01 274432 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2013-06-22 20:26 . 2005-04-03 21:00 184320 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2013-06-22 20:26 . 2005-04-03 20:59 5632 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2013-06-22 20:26 . 2013-06-22 20:26 200836 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2013-06-22 20:26 . 2013-06-22 20:26 331908 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2013-06-22 20:01 . 2008-05-02 10:49 62976 -c----w- c:\windows\system32\dllcache\cdrom.sys
2013-06-22 20:01 . 2008-05-02 13:25 466944 ------w- c:\windows\system32\imapi2fs.dll
2013-06-22 20:01 . 2008-05-02 13:25 320512 ------w- c:\windows\system32\imapi2.dll
2013-06-22 19:30 . 2013-06-22 19:31 -------- d-----w- c:\programme\Gemeinsame Dateien\DivX Shared
2013-06-22 18:53 . 2013-06-19 15:50 -------- dc----w- C:\TEMP
2013-06-22 01:41 . 2001-08-17 12:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2013-06-22 01:40 . 2008-04-14 06:22 57728 ----a-w- c:\windows\system32\drivers\redbook.sys
2013-06-22 01:40 . 2001-08-17 12:51 19584 ----a-w- c:\windows\system32\drivers\rasirda.sys
2013-06-22 01:40 . 2008-04-14 06:52 28160 ----a-w- c:\windows\system32\irmon.dll
2013-06-22 01:40 . 2008-04-13 23:24 88192 ----a-w- c:\windows\system32\drivers\irda.sys
2013-06-22 01:40 . 2008-04-14 06:52 153088 ----a-w- c:\windows\system32\irftp.exe
2013-06-22 01:40 . 2001-08-17 12:51 18688 ----a-w- c:\windows\system32\drivers\irsir.sys
2013-06-22 01:39 . 2008-04-13 23:06 44672 ----a-w- c:\windows\system32\drivers\UAGP35.SYS
2013-06-22 01:39 . 2008-04-13 21:05 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys
2013-06-22 01:33 . 2013-06-19 00:54 -------- dc-h--w- c:\dokumente und einstellungen\Default User.WINDOWS
2013-06-22 01:33 . 2013-06-19 00:39 -------- dc----w- c:\dokumente und einstellungen\All Users.WINDOWS
2013-06-22 01:27 . 2013-06-22 01:27 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-22 01:27 . 2013-06-22 01:27 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-22 00:57 . 2013-06-22 00:56 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-06-22 00:57 . 2013-06-22 00:56 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-21 17:37 . 2013-06-22 00:56 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-20 15:05 . 2008-04-13 22:15 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
2013-06-20 14:03 . 2012-08-21 11:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-06-20 14:03 . 2012-08-21 11:01 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2013-06-20 14:01 . 2013-06-29 18:15 -------- d-----w- c:\programme\APPLE
2013-06-20 12:57 . 2013-06-27 17:30 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2013-06-20 12:57 . 2013-06-27 17:30 -------- d-----w- c:\programme\Gemeinsame Dateien\Symantec Shared
2013-06-20 12:57 . 2013-06-20 12:57 -------- d-----w- c:\programme\Symantec
2013-06-20 12:56 . 2013-06-20 12:56 -------- d-----w- c:\programme\Norton Internet Security
2013-06-20 12:55 . 2013-06-20 12:55 -------- d-----w- c:\programme\NortonInstaller
2013-06-19 22:55 . 2012-02-29 20:30 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-06-19 19:02 . 2013-06-19 19:02 -------- d-----w- c:\windows\system32\drivers\NIS
2013-06-19 16:32 . 2011-10-08 04:50 877376 ----a-w- c:\windows\system32\nvgenco32.dll
2013-06-19 10:04 . 2013-06-19 10:04 -------- dc----w- c:\dokumente und einstellungen\UpdatusUser
2013-06-19 10:01 . 2011-10-08 04:50 65536 ----a-w- c:\windows\system32\OpenCL.dll
2013-06-19 10:01 . 2013-06-28 00:07 1072544 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-06-19 10:01 . 2013-06-28 00:07 1072544 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-06-19 10:01 . 2013-06-28 00:07 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-06-19 10:01 . 2013-02-08 03:02 5967872 ----a-w- c:\windows\system32\nvopencl.dll
2013-06-19 10:01 . 2013-02-08 03:03 19189760 ----a-w- c:\windows\system32\nvoglnt.dll
2013-06-19 10:01 . 2013-02-08 03:02 892704 ----a-w- c:\windows\system32\nvdispgenco32.dll
2013-06-19 10:01 . 2013-02-08 03:03 1010464 ----a-w- c:\windows\system32\nvdispco32.dll
2013-06-19 10:01 . 2013-02-08 03:02 7536640 ----a-w- c:\windows\system32\nvcuda.dll
2013-06-19 10:01 . 2013-02-08 03:02 2581792 ----a-w- c:\windows\system32\nvcuvid.dll
2013-06-19 10:01 . 2013-02-08 03:02 1869088 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-06-19 10:00 . 2013-02-08 03:02 2389504 ----a-w- c:\windows\system32\nvapi.dll
2013-06-19 10:00 . 2013-02-08 03:02 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-06-19 10:00 . 2013-02-08 03:03 4494336 ----a-w- c:\windows\system32\nv4_disp.dll
2013-06-19 10:00 . 2013-02-08 03:02 12648960 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-06-19 01:18 . 2008-06-14 17:32 273024 -c----w- c:\windows\system32\dllcache\bthport.sys
2013-06-19 01:18 . 2008-06-14 17:32 273024 ------w- c:\windows\system32\drivers\bthport.sys
2013-06-19 01:14 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2013-06-19 01:08 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2013-06-19 00:54 . 2013-07-05 22:20 -------- dc----w- c:\dokumente und einstellungen\Tom.FRANK-B
2013-06-19 00:42 . 2008-04-14 12:00 54528 -c--a-w- c:\windows\system32\dllcache\cap7146.sys
2013-06-19 00:37 . 2008-04-14 12:00 45568 ----a-w- c:\windows\system32\safrslv.dll
2013-06-19 00:35 . 2008-04-14 12:00 44544 ----a-w- c:\windows\system32\hticons.dll
2013-06-18 21:52 . 2013-06-18 21:52 -------- dcsh--w- c:\dokumente und einstellungen\LocalService.NT-AUTORITÄT
2013-06-18 21:52 . 2013-06-18 21:52 -------- dcsh--w- c:\dokumente und einstellungen\NetworkService.NT-AUTORITÄT
2013-06-18 16:57 . 2013-06-18 16:58 -------- dc----w- C:\$WIN_NT$.~BT
2013-06-11 13:59 . 2013-06-29 18:13 -------- d-----w- c:\programme\iPod
2013-06-11 13:58 . 2013-06-19 01:26 -------- d-----w- c:\programme\iTunes
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-24 11:55 . 2013-06-24 11:55 53248 -c--a-r- c:\dokumente und einstellungen\Tom.FRANK-B\Anwendungsdaten\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-06-22 00:56 . 2013-06-22 00:57 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-05-07 22:28 . 2008-04-14 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-05-07 22:28 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-05-07 22:28 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-05-07 21:53 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2013-05-03 05:39 . 2008-04-14 12:00 2195840 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 05:39 . 2008-04-14 07:30 2072448 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-01 01:59 . 2013-05-01 01:59 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59 69632 ----a-w- c:\windows\system32\QuickTime.qts
2013-04-12 14:00 . 2008-04-14 12:00 1876480 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-04-30 17:05 280736 ----a-w- c:\programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-10-18 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2013-03-12 253816]
"DivXMediaServer"="c:\programme\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560]
"DivXUpdate"="c:\programme\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"APSDaemon"="c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"EvtMgr6"="c:\programme\Logitech\SetPointP\SetPoint.exe" [2013-02-21 2238704]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-29 15494464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-02-29 108352]
"MagicTuneLauncher"="c:\programme\MagicTune Premium\MagicTuneLauncher.exe" [2011-10-17 51712]
"SDTray"="c:\programme\Safer Networking\Spybot - Search & Destroy 2\SDTray.exe" [2013-05-16 3830224]
"iTunesHelper"="c:\programme\APPLE\iTunesHelper.exe" [2013-05-31 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\
GammaTray.lnk - c:\programme\MagicTune Premium\GammaTray.exe [2012-11-14 36864]
Windows Search.lnk - c:\programme\Windows Desktop Search\WindowsSearch.exe /startup [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2013-02-08 18:30 66800 ----a-w- c:\programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\programme\Messenger\msmsgs.exe" /background
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"BrowserChoice"="c:\windows\system32\browserchoice.exe" /run
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\programme\APPLE\QuickTime\qttask.exe" -atboottime
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Programme\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\File Type Assistant\\tsassist.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programme\\Applian Technologies\\Freecorder 8 Applications\\Torrent\\aria2c.exe"=
"c:\\Programme\\Safer Networking\\Spybot - Search & Destroy 2\\SDTray.exe"=
"c:\\Programme\\Safer Networking\\Spybot - Search & Destroy 2\\SDFSSvc.exe"=
"c:\\Programme\\Safer Networking\\Spybot - Search & Destroy 2\\SDUpdate.exe"=
"c:\\Programme\\Safer Networking\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=
"c:\\Programme\\APPLE\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows-Remoteverwaltung
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1404000.028\SymDS.sys [20.06.2013 14:56 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1404000.028\SymEFA.sys [20.06.2013 14:56 934488]
R1 BHDrvx86;BHDrvx86;c:\dokumente und einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130702.001\BHDrvx86.sys [02.07.2013 19:58 1002072]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1404000.028\ccSetx86.sys [20.06.2013 14:56 134744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1404000.028\Ironx86.sys [20.06.2013 14:56 175264]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [24.06.2013 13:52 12808]
R2 MBAMScheduler;MBAMScheduler;c:\programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [05.07.2013 15:07 418376]
R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [05.07.2013 15:07 701512]
R2 NIS;Norton Internet Security;c:\programme\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [20.06.2013 14:56 144368]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\programme\Safer Networking\Spybot - Search & Destroy 2\SDUpdSvc.exe [29.06.2013 18:42 1033688]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [20.06.2013 15:06 106656]
R3 IDSxpx86;IDSxpx86;c:\dokumente und einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130705.001\IDSXpx86.sys [05.07.2013 22:28 373728]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [05.07.2013 15:07 22856]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\programme\Safer Networking\Spybot - Search & Destroy 2\SDFSSvc.exe [29.06.2013 18:42 1817560]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\programme\Safer Networking\Spybot - Search & Destroy 2\SDWSCSvc.exe [29.06.2013 18:42 171928]
S3 cpuz135;cpuz135;c:\programme\CPUID\PC Wizard 2012\pcwiz_x32.sys [17.04.2012 15:21 24328]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [12.12.2011 19:31 10064]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [29.05.2012 13:09 1528672]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-22 01:27]
.
2013-06-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2013-07-07 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\programme\Safer Networking\Spybot - Search & Destroy 2\SDUpdate.exe [2013-06-29 08:58]
.
2013-06-28 c:\windows\Tasks\Final Media Player Update Checker.job
- c:\programme\FinalMediaPlayer\FMPCheckForUpdates.exe [2011-11-23 16:24]
.
2013-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-10-18 09:59]
.
2013-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-10-18 09:59]
.
2013-06-24 c:\windows\Tasks\ProgramRefresh-ATFST.job
- c:\programme\File Type Assistant\TSASetup.exe [2013-06-23 11:10]
.
2013-06-24 c:\windows\Tasks\ProgramUpdateCheck.job
- c:\programme\File Type Assistant\tsassist.exe [2011-11-23 11:09]
.
2013-07-02 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\programme\Safer Networking\Spybot - Search & Destroy 2\SDImmunize.exe [2013-06-29 08:57]
.
2013-07-01 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\programme\Safer Networking\Spybot - Search & Destroy 2\SDScan.exe [2013-06-29 08:58]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.upc.at/
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = localhost:21320
IE: Free YouTube Download - c:\programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MI4D84~1\Office\OFFICE11\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 212.186.211.21 195.34.133.21
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-Cmaudio - cmicnfg.cpl
Notify-SDWinLogon - SDWinLogon.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-07 21:01
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\programme\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe\" /s \"NIS\" /m \"c:\programme\Norton Internet Security\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(768)
c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(1996)
c:\programme\Windows Desktop Search\deskbar.dll
c:\programme\Windows Desktop Search\de-de\dbres.dll.mui
c:\programme\Windows Desktop Search\dbres.dll
c:\programme\Windows Desktop Search\wordwheel.dll
c:\programme\Windows Desktop Search\de-de\msnlExtRes.dll.mui
c:\programme\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programme\Bonjour\mDNSResponder.exe
c:\programme\Java\jre7\bin\jqs.exe
c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\system32\RunDll32.exe
c:\programme\Windows Desktop Search\WindowsSearch.exe
c:\programme\Gemeinsame Dateien\LogiShrd\KHAL3\KHALMNPR.EXE
c:\windows\system32\wscntfy.exe
c:\programme\iPod\bin\iPodService.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-07-07 21:15:17 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-07-07 19:15
.
Vor Suchlauf: 13 Verzeichnis(se), 48.160.206.848 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 48.122.245.120 Bytes frei
.
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
[spybotsd]
timeout.old=30
.
- - End Of File - - F5E1CA19CBFAEA0392EAD331F4ABDC74
72B8CE41AF0DE751C946802B3ED844B4
Little difficult reading the logs, is this Dutch
Open Notepad Go to Start> All Programs> Assessories> Notepad ( this will only work with Notepad )and copy all the text inside the Codebox by highlighting it all and pressing CTRL C on your keyboard, then paste it into Notepad, make sure there is no space before and above DDS::
DDS::
uProxyServer = localhost:21320
Save this as CFScript to your desktop.
Then drag the CFScript into ComboFix.exe as you see in the screenshot below.
http://i24.photobucket.com/albums/c30/ken545/CFScriptB-4.gif
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.
Then run a new scan with OTL and post the new log please
thomas frank mas
2013-07-07, 23:15
ComboFix 13-07-08.02 - Tom 07.07.2013 22:20:54.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2047.1252 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Tom.FRANK-B\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\dokumente und einstellungen\Tom.FRANK-B\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users.WINDOWS\Desktop\Internet Security.lnk
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-06-07 bis 2013-07-07 ))))))))))))))))))))))))))))))
.
.
2013-07-07 11:35 . 2013-07-07 11:36 -------- dc----w- c:\dokumente und einstellungen\Administrator
2013-07-05 22:31 . 2013-07-05 22:31 -------- dc----w- C:\_OTL
2013-07-05 13:07 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-05 13:07 . 2013-07-05 13:07 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware
2013-07-04 11:08 . 2013-07-04 11:08 -------- d-----w- c:\programme\ERUNT
2013-06-29 16:42 . 2009-01-25 11:14 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-06-29 10:20 . 2001-08-18 02:54 5632 ----a-w- c:\windows\system32\ptpusb.dll
2013-06-29 10:20 . 2008-04-14 05:52 159232 ----a-w- c:\windows\system32\ptpusd.dll
2013-06-29 10:20 . 2008-04-13 22:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2013-06-28 18:57 . 2008-04-13 20:06 84480 -c--a-w- c:\windows\system32\dllcache\ac97via.sys
2013-06-28 18:57 . 2008-04-13 20:06 84480 ----a-w- c:\windows\system32\drivers\ac97via.sys
2013-06-28 12:56 . 2003-07-14 20:57 102968 ----a-w- c:\windows\system32\IMEKR70.IME
2013-06-28 12:56 . 2010-04-22 12:33 14336 ----a-w- c:\windows\system32\drivers\MTiCtwl.sys
2013-06-26 12:31 . 2013-06-26 12:31 -------- d-----w- c:\programme\Gemeinsame Dateien\Jaksta Technologies
2013-06-25 16:35 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2013-06-25 14:24 . 2013-06-25 14:24 -------- d-----w- c:\windows\system32\winrm
2013-06-25 14:24 . 2013-06-25 14:25 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2013-06-25 13:19 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2013-06-25 13:19 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2013-06-25 13:19 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2013-06-25 13:19 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2013-06-25 13:19 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2013-06-25 13:19 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2013-06-25 13:19 . 2013-06-25 13:19 -------- dc----w- C:\ca9b08492440786b47e613
2013-06-25 13:10 . 2008-04-14 05:52 221184 ----a-w- c:\windows\system32\wmpns.dll
2013-06-24 11:54 . 2013-06-24 11:54 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-06-24 11:54 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2013-06-24 11:52 . 2013-01-03 08:18 12808 ----a-w- c:\windows\system32\drivers\LBeepKE.sys
2013-06-24 10:55 . 2013-06-24 10:55 159744 ----a-w- c:\programme\Internet Explorer\Plugins\npqtplugin5.dll
2013-06-24 10:55 . 2013-06-24 10:55 159744 ----a-w- c:\programme\Internet Explorer\Plugins\npqtplugin4.dll
2013-06-24 10:55 . 2013-06-24 10:55 159744 ----a-w- c:\programme\Internet Explorer\Plugins\npqtplugin3.dll
2013-06-24 10:55 . 2013-06-24 10:55 159744 ----a-w- c:\programme\Internet Explorer\Plugins\npqtplugin2.dll
2013-06-24 10:55 . 2013-06-24 10:55 159744 ----a-w- c:\programme\Internet Explorer\Plugins\npqtplugin.dll
2013-06-23 11:24 . 2012-12-13 12:50 6112864 ----a-w- c:\windows\system32\usbaaplrc.dll
2013-06-23 11:24 . 2012-12-13 12:50 45056 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2013-06-22 20:28 . 2003-11-10 16:14 729088 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2013-06-22 20:28 . 2003-11-10 16:13 69715 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2013-06-22 20:28 . 2003-11-10 16:12 266240 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2013-06-22 20:28 . 2003-11-10 16:12 192512 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2013-06-22 20:28 . 2003-11-10 16:11 5632 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2013-06-22 20:28 . 2013-06-22 20:28 188548 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2013-06-22 20:28 . 2013-06-22 20:28 311428 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2013-06-22 20:27 . 2013-01-03 08:17 22664 ----a-w- c:\windows\system32\drivers\L8042Kbd.sys
2013-06-22 20:26 . 2005-04-03 21:02 753664 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2013-06-22 20:26 . 2005-04-03 21:02 69714 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2013-06-22 20:26 . 2005-04-03 21:01 274432 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2013-06-22 20:26 . 2005-04-03 21:00 184320 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2013-06-22 20:26 . 2005-04-03 20:59 5632 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2013-06-22 20:26 . 2013-06-22 20:26 200836 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2013-06-22 20:26 . 2013-06-22 20:26 331908 ----a-w- c:\programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2013-06-22 20:01 . 2008-05-02 10:49 62976 -c----w- c:\windows\system32\dllcache\cdrom.sys
2013-06-22 20:01 . 2008-05-02 13:25 466944 -c----w- c:\windows\system32\dllcache\imapi2fs.dll
2013-06-22 20:01 . 2008-05-02 13:25 466944 ------w- c:\windows\system32\imapi2fs.dll
2013-06-22 20:01 . 2008-05-02 13:25 320512 -c----w- c:\windows\system32\dllcache\imapi2.dll
2013-06-22 20:01 . 2008-05-02 13:25 320512 ------w- c:\windows\system32\imapi2.dll
2013-06-22 19:30 . 2013-06-22 19:31 -------- d-----w- c:\programme\Gemeinsame Dateien\DivX Shared
2013-06-22 18:53 . 2013-06-19 15:50 -------- dc----w- C:\TEMP
2013-06-22 01:41 . 2001-08-17 12:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2013-06-22 01:40 . 2008-04-14 06:22 57728 ----a-w- c:\windows\system32\drivers\redbook.sys
2013-06-22 01:40 . 2001-08-17 12:51 19584 ----a-w- c:\windows\system32\drivers\rasirda.sys
2013-06-22 01:40 . 2008-04-14 06:52 28160 ----a-w- c:\windows\system32\irmon.dll
2013-06-22 01:40 . 2008-04-13 23:24 88192 ----a-w- c:\windows\system32\drivers\irda.sys
2013-06-22 01:40 . 2008-04-14 06:52 153088 ----a-w- c:\windows\system32\irftp.exe
2013-06-22 01:40 . 2008-04-14 06:52 8192 ----a-w- c:\windows\system32\wshirda.dll
2013-06-22 01:40 . 2001-08-17 12:51 18688 ----a-w- c:\windows\system32\drivers\irsir.sys
2013-06-22 01:39 . 2008-04-14 06:52 77312 ----a-w- c:\windows\system32\usbui.dll
2013-06-22 01:39 . 2008-04-13 23:06 44672 ----a-w- c:\windows\system32\drivers\UAGP35.SYS
2013-06-22 01:39 . 2008-04-13 21:05 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys
2013-06-22 01:33 . 2013-06-19 00:54 -------- dc-h--w- c:\dokumente und einstellungen\Default User.WINDOWS
2013-06-22 01:33 . 2013-06-19 00:39 -------- dc----w- c:\dokumente und einstellungen\All Users.WINDOWS
2013-06-22 01:27 . 2013-06-22 01:27 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-22 01:27 . 2013-06-22 01:27 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-22 00:57 . 2013-06-22 00:56 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-06-22 00:57 . 2013-06-22 00:56 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-22 00:57 . 2013-06-22 00:56 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-21 17:37 . 2013-06-22 00:56 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-20 15:05 . 2008-04-13 22:15 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
2013-06-20 14:03 . 2012-08-21 11:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-06-20 14:03 . 2012-08-21 11:01 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2013-06-20 14:01 . 2013-06-29 18:15 -------- d-----w- c:\programme\APPLE
2013-06-20 12:57 . 2013-06-27 17:30 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2013-06-20 12:57 . 2013-06-27 17:30 -------- d-----w- c:\programme\Gemeinsame Dateien\Symantec Shared
2013-06-20 12:57 . 2013-06-20 12:57 -------- d-----w- c:\programme\Symantec
2013-06-20 12:56 . 2013-06-20 12:56 -------- d-----w- c:\programme\Norton Internet Security
2013-06-20 12:55 . 2013-06-20 12:55 -------- d-----w- c:\programme\NortonInstaller
2013-06-19 22:55 . 2012-02-29 20:30 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-06-19 19:02 . 2013-06-19 19:02 -------- d-----w- c:\windows\system32\drivers\NIS
2013-06-19 16:32 . 2011-10-08 04:50 877376 ----a-w- c:\windows\system32\nvgenco32.dll
2013-06-19 16:00 . 2013-05-07 22:28 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2013-06-19 15:59 . 2013-05-07 22:28 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2013-06-19 15:59 . 2013-05-07 22:28 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2013-06-19 10:56 . 2009-03-08 02:11 445952 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dll
2013-06-19 10:56 . 2009-02-06 19:07 3698584 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dat
2013-06-19 10:56 . 2013-05-07 22:28 2005504 -c----w- c:\windows\system32\dllcache\iertutil.dll
2013-06-19 10:56 . 2009-03-08 02:31 59904 -c--a-w- c:\windows\system32\dllcache\icardie.dll
2013-06-19 10:56 . 2013-05-17 20:02 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2013-06-19 10:56 . 2013-05-07 22:28 11112960 -c----w- c:\windows\system32\dllcache\ieframe.dll
2013-06-19 10:38 . 2012-05-29 11:09 29024 ----a-w- c:\windows\system32\uxtuneup.dll
2013-06-19 10:34 . 2012-05-29 11:09 31584 ----a-w- c:\windows\system32\TURegOpt.exe
2013-06-19 10:04 . 2013-06-19 10:04 -------- dc----w- c:\dokumente und einstellungen\UpdatusUser
2013-06-19 10:01 . 2011-10-08 04:50 65536 ----a-w- c:\windows\system32\OpenCL.dll
2013-06-19 10:01 . 2013-06-28 00:07 1072544 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-06-19 10:01 . 2013-06-28 00:07 1072544 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-06-19 10:01 . 2013-06-28 00:07 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-06-19 10:01 . 2013-02-08 03:02 5967872 ----a-w- c:\windows\system32\nvopencl.dll
2013-06-19 10:01 . 2013-02-08 03:03 19189760 ----a-w- c:\windows\system32\nvoglnt.dll
2013-06-19 10:01 . 2013-02-08 03:02 892704 ----a-w- c:\windows\system32\nvdispgenco32.dll
2013-06-19 10:01 . 2013-02-08 03:03 1010464 ----a-w- c:\windows\system32\nvdispco32.dll
2013-06-19 10:01 . 2013-02-08 03:02 7536640 ----a-w- c:\windows\system32\nvcuda.dll
2013-06-19 10:01 . 2013-02-08 03:02 2581792 ----a-w- c:\windows\system32\nvcuvid.dll
2013-06-19 10:01 . 2013-02-08 03:02 1869088 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-06-19 10:00 . 2013-02-08 03:02 2389504 ----a-w- c:\windows\system32\nvapi.dll
2013-06-19 10:00 . 2013-02-08 03:02 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-06-19 10:00 . 2013-02-08 03:03 4494336 ----a-w- c:\windows\system32\nv4_disp.dll
2013-06-19 10:00 . 2013-02-08 03:02 12648960 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-06-19 01:18 . 2008-06-14 17:32 273024 -c----w- c:\windows\system32\dllcache\bthport.sys
2013-06-19 01:18 . 2008-06-14 17:32 273024 ------w- c:\windows\system32\drivers\bthport.sys
2013-06-19 01:14 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2013-06-19 01:08 . 2012-01-11 19:06 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2013-06-19 01:08 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2013-06-19 01:00 . 2009-05-12 13:12 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2013-06-19 00:54 . 2013-07-05 22:20 -------- dc----w- c:\dokumente und einstellungen\Tom.FRANK-B
2013-06-19 00:44 . 2001-08-18 02:54 7168 -c--a-w- c:\windows\system32\dllcache\EXCH_snprfdll.dll
2013-06-19 00:44 . 2001-08-18 02:54 12288 -c--a-w- c:\windows\system32\dllcache\EXCH_smtpctrs.dll
2013-06-19 00:44 . 2001-08-18 02:54 26112 -c--a-w- c:\windows\system32\dllcache\EXCH_seos.dll
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-07 22:28 . 2008-04-14 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-05-07 22:28 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-05-07 22:28 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-05-07 21:53 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2013-05-03 05:39 . 2008-04-14 12:00 2195840 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 05:39 . 2008-04-14 07:30 2072448 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-01 01:59 . 2013-05-01 01:59 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59 69632 ----a-w- c:\windows\system32\QuickTime.qts
2013-04-12 14:00 . 2008-04-14 12:00 1876480 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-04-30 17:05 280736 ----a-w- c:\programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-10-18 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2013-03-12 253816]
"DivXMediaServer"="c:\programme\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560]
"DivXUpdate"="c:\programme\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"APSDaemon"="c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"EvtMgr6"="c:\programme\Logitech\SetPointP\SetPoint.exe" [2013-02-21 2238704]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-29 15494464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-02-29 108352]
"MagicTuneLauncher"="c:\programme\MagicTune Premium\MagicTuneLauncher.exe" [2011-10-17 51712]
"SDTray"="c:\programme\Safer Networking\Spybot - Search & Destroy 2\SDTray.exe" [2013-05-16 3830224]
"iTunesHelper"="c:\programme\APPLE\iTunesHelper.exe" [2013-05-31 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\
GammaTray.lnk - c:\programme\MagicTune Premium\GammaTray.exe [2012-11-14 36864]
Windows Search.lnk - c:\programme\Windows Desktop Search\WindowsSearch.exe /startup [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2013-02-08 18:30 66800 ----a-w- c:\programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\programme\Messenger\msmsgs.exe" /background
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"BrowserChoice"="c:\windows\system32\browserchoice.exe" /run
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\programme\APPLE\QuickTime\qttask.exe" -atboottime
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Programme\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\File Type Assistant\\tsassist.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Programme\\Applian Technologies\\Freecorder 8 Applications\\Torrent\\aria2c.exe"=
"c:\\Programme\\Safer Networking\\Spybot - Search & Destroy 2\\SDTray.exe"=
"c:\\Programme\\Safer Networking\\Spybot - Search & Destroy 2\\SDFSSvc.exe"=
"c:\\Programme\\Safer Networking\\Spybot - Search & Destroy 2\\SDUpdate.exe"=
"c:\\Programme\\Safer Networking\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=
"c:\\Programme\\APPLE\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows-Remoteverwaltung
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1404000.028\SymDS.sys [20.06.2013 14:56 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1404000.028\SymEFA.sys [20.06.2013 14:56 934488]
R1 BHDrvx86;BHDrvx86;c:\dokumente und einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130702.001\BHDrvx86.sys [02.07.2013 19:58 1002072]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1404000.028\ccSetx86.sys [20.06.2013 14:56 134744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1404000.028\Ironx86.sys [20.06.2013 14:56 175264]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [24.06.2013 13:52 12808]
R2 MBAMScheduler;MBAMScheduler;c:\programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [05.07.2013 15:07 418376]
R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [05.07.2013 15:07 701512]
R2 NIS;Norton Internet Security;c:\programme\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [20.06.2013 14:56 144368]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\programme\Safer Networking\Spybot - Search & Destroy 2\SDUpdSvc.exe [29.06.2013 18:42 1033688]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [20.06.2013 15:06 106656]
R3 IDSxpx86;IDSxpx86;c:\dokumente und einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130705.001\IDSXpx86.sys [05.07.2013 22:28 373728]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [05.07.2013 15:07 22856]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\programme\Safer Networking\Spybot - Search & Destroy 2\SDFSSvc.exe [29.06.2013 18:42 1817560]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\programme\Safer Networking\Spybot - Search & Destroy 2\SDWSCSvc.exe [29.06.2013 18:42 171928]
S3 cpuz135;cpuz135;c:\programme\CPUID\PC Wizard 2012\pcwiz_x32.sys [17.04.2012 15:21 24328]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [12.12.2011 19:31 10064]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [29.05.2012 13:09 1528672]
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-22 01:27]
.
2013-06-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2013-07-07 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\programme\Safer Networking\Spybot - Search & Destroy 2\SDUpdate.exe [2013-06-29 08:58]
.
2013-06-28 c:\windows\Tasks\Final Media Player Update Checker.job
- c:\programme\FinalMediaPlayer\FMPCheckForUpdates.exe [2011-11-23 16:24]
.
2013-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-10-18 09:59]
.
2013-06-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-10-18 09:59]
.
2013-06-24 c:\windows\Tasks\ProgramRefresh-ATFST.job
- c:\programme\File Type Assistant\TSASetup.exe [2013-06-23 11:10]
.
2013-06-24 c:\windows\Tasks\ProgramUpdateCheck.job
- c:\programme\File Type Assistant\tsassist.exe [2011-11-23 11:09]
.
2013-07-02 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\programme\Safer Networking\Spybot - Search & Destroy 2\SDImmunize.exe [2013-06-29 08:57]
.
2013-07-01 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\programme\Safer Networking\Spybot - Search & Destroy 2\SDScan.exe [2013-06-29 08:58]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.upc.at/
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = localhost:21320
IE: Free YouTube Download - c:\programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MI4D84~1\Office\OFFICE11\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 212.186.211.21 195.34.133.21
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-07 22:35
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\programme\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe\" /s \"NIS\" /m \"c:\programme\Norton Internet Security\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(768)
c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll
.
Zeit der Fertigstellung: 2013-07-07 22:40:33
ComboFix-quarantined-files.txt 2013-07-07 20:40
.
Vor Suchlauf: 16 Verzeichnis(se), 48.082.518.016 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 48.082.944.000 Bytes frei
.
- - End Of File - - CF0EE9B18E2413B06C0A30E7CC961E17
72B8CE41AF0DE751C946802B3ED844B4
thomas frank mas
2013-07-07, 23:17
OTL logfile created on: 07.07.2013 22:46:21 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 57,71% Memory free
3,85 Gb Paging File | 3,18 Gb Available in Paging File | 82,65% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 44,80 Gb Free Space | 60,11% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 43,15 Gb Free Space | 28,95% Space Free | Partition Type: NTFS
Computer Name: FRANK-B | User Name: Tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\APPLE\iTunesHelper.exe (Apple Inc.)
PRC - C:\Programme\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
PRC - C:\Programme\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Logishrd\KHAL3\KHALMNPR.exe (Logitech, Inc.)
PRC - c:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\MagicTune Premium\GammaTray.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll ()
MOD - C:\Programme\NVIDIA Corporation\nView\nvShell.dll ()
MOD - c:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll ()
MOD - c:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\MagicTune Premium\GammaTray.exe ()
========== Services (SafeList) ==========
SRV - (SDWSCService) -- C:\Programme\Safer Networking\Spybot File not found
SRV - (SDUpdateService) -- C:\Programme\Safer Networking\Spybot File not found
SRV - (SDScannerService) -- C:\Programme\Safer Networking\Spybot File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (NIS) -- C:\Programme\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (Symantec Corporation)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (LBTServ) -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (Apple Mobile Device) -- c:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (mbr) -- C:\ComboFix\mbr.sys File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (IDSxpx86) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130705.001\IDSXpx86.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130706.003\NAVEX15.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130706.003\NAVENG.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\SymEFA.sys (Symantec Corporation)
DRV - (SymDS) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\SymDS.sys (Symantec Corporation)
DRV - (BHDrvx86) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130702.001\BHDrvx86.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\srtsp.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\symtdi.sys (Symantec Corporation)
DRV - (ccSet_NIS) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\ccSetx86.sys (Symantec Corporation)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\Ironx86.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\srtspx.sys (Symantec Corporation)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LUsbFilt) -- C:\WINDOWS\system32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LBeepKE) -- C:\WINDOWS\system32\drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (cpuz135) -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys (CPUID)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (MagicTune) -- C:\WINDOWS\system32\drivers\MTiCtwl.sys (Samsung Electronics, Inc. )
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (VIAudio) -- C:\WINDOWS\system32\drivers\ac97via.sys (VIA Technologies, Inc.)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {7A9335EE-C65E-4F2D-A40D-BE16B14FC07F}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{7A9335EE-C65E-4F2D-A40D-BE16B14FC07F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.upc.at/
IE - HKCU\..\SearchScopes,DefaultScope = {7A9335EE-C65E-4F2D-A40D-BE16B14FC07F}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{7A9335EE-C65E-4F2D-A40D-BE16B14FC07F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7WQIB_deAT541
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=sb&qsrc=2869
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\APPLE\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFFPlgn\ [2013.06.20 15:02:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\ [2013.07.07 21:02:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.06.22 21:33:03 | 000,000,000 | ---D | M]
[2013.03.28 00:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
O1 HOSTS File: ([2013.07.07 22:35:26 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] c:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EvtMgr6] C:\Programme\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Programme\APPLE\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MagicTuneLauncher] C:\Programme\MagicTune Premium\MagicTuneLauncher.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SDTray] C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\GammaTray.lnk = C:\Programme\MagicTune Premium\GammaTray.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube Download - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1371604349625 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D6775AE-C5DE-4202-A172-E809EB93E068}: DhcpNameServer = 212.186.211.21 195.34.133.21
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.10.17 12:37:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.07.07 20:36:54 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.07.07 20:26:49 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.07.07 20:26:49 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.07.07 20:26:49 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.07.07 20:26:49 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.07.07 20:25:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.07.07 20:24:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.07.07 20:15:43 | 005,087,001 | R--- | C] (Swearware) -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\ComboFix.exe
[2013.07.06 00:31:07 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.07.05 18:29:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\OTL TEXTE
[2013.07.05 16:17:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\OTL.exe
[2013.07.05 15:08:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Malwarebytes
[2013.07.05 15:07:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.07.05 15:07:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Malwarebytes
[2013.07.05 15:07:44 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.07.05 15:07:43 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2013.07.05 15:06:22 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\mbam-setup-1.75.0.1300.exe
[2013.07.04 13:08:00 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT
[2013.07.04 13:08:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\ERUNT
[2013.07.01 17:31:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien\ProcAlyzer Dumps
[2013.06.29 20:15:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\iTunes
[2013.06.29 20:13:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.06.29 18:42:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Spybot - Search & Destroy 2
[2013.06.29 18:42:20 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\System32\sdnclean.exe
[2013.06.29 13:09:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Spybot - Search & Destroy
[2013.06.29 12:20:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2013.06.29 12:20:43 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2013.06.29 12:20:42 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2013.06.28 21:06:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\DivX
[2013.06.28 20:57:13 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\ac97via.sys
[2013.06.28 20:57:13 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2013.06.28 14:56:37 | 000,102,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\IMEKR70.IME
[2013.06.28 14:56:33 | 000,014,336 | ---- | C] (Samsung Electronics, Inc. ) -- C:\WINDOWS\System32\drivers\MTiCtwl.sys
[2013.06.28 14:52:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\InstallShield
[2013.06.27 20:25:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Google Earth
[2013.06.27 19:31:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\Help
[2013.06.27 19:31:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Help
[2013.06.26 14:31:28 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Jaksta Technologies
[2013.06.26 14:27:33 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü\Programme\Verwaltung
[2013.06.26 14:04:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\Freecorder 7 Video
[2013.06.26 14:04:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Freecorder 7 Video
[2013.06.26 14:04:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien\Freecorder
[2013.06.26 14:04:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\Jaksta_Technologies_Pty_L
[2013.06.25 18:36:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Windows Search
[2013.06.25 18:35:14 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2013.06.25 16:24:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2013.06.25 16:24:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2013.06.25 15:19:22 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2013.06.25 15:19:22 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2013.06.25 15:19:22 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2013.06.25 15:19:22 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2013.06.25 15:19:21 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2013.06.25 15:19:21 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2013.06.25 15:19:20 | 000,000,000 | ---D | C] -- C:\ca9b08492440786b47e613
[2013.06.25 15:13:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Windows Desktop Search
[2013.06.25 15:11:01 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2013.06.24 13:55:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Leadertech
[2013.06.24 13:54:43 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys
[2013.06.24 13:54:26 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll
[2013.06.24 13:52:50 | 000,012,808 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LBeepKE.sys
[2013.06.24 13:52:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Logitech
[2013.06.24 13:52:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Logishrd
[2013.06.24 13:42:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Logishrd
[2013.06.24 12:54:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\QuickTime
[2013.06.24 12:51:45 | 041,404,760 | ---- | C] (Apple Inc.) -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien\QuickTimeSetup.exe
[2013.06.23 13:24:50 | 006,112,864 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2013.06.23 12:50:21 | 089,111,376 | ---- | C] (Apple Inc.) -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien\iTunesSetup.exe
[2013.06.23 12:23:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\FileTypeAssistant
[2013.06.23 12:22:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\FinalMediaPlayer
[2013.06.23 12:22:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\FinalMediaPlayer
[2013.06.23 12:17:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\APN
[2013.06.22 22:27:19 | 000,022,664 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\L8042Kbd.sys
[2013.06.22 22:23:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Logitech
[2013.06.22 22:23:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Logishrd
[2013.06.22 22:22:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\LogiShrd
[2013.06.22 22:17:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Adobe
[2013.06.22 22:15:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\DVDVideoSoft
[2013.06.22 22:07:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\DVDVideoSoft
[2013.06.22 22:01:24 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdrom.sys
[2013.06.22 22:01:22 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imapi2fs.dll
[2013.06.22 22:01:22 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi2fs.dll
[2013.06.22 22:01:22 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imapi2.dll
[2013.06.22 22:01:22 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi2.dll
[2013.06.22 21:33:04 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien\Eigene Videos
[2013.06.22 21:32:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien\DivX Movies
[2013.06.22 21:30:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\DivX Plus
[2013.06.22 21:30:06 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DivX Shared
[2013.06.22 21:18:19 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\wc
[2013.06.22 21:18:12 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\wyUpdate AU
[2013.06.22 21:17:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Cyberduck
[2013.06.22 20:53:29 | 000,000,000 | ---D | C] -- C:\TEMP
[2013.06.22 12:18:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Applian FLV and Media Player
[2013.06.22 03:40:11 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe
[2013.06.22 03:40:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll
[2013.06.22 03:40:06 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irsir.sys
[2013.06.22 03:39:41 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2013.06.22 03:39:13 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTL8139.sys
[2013.06.22 03:34:28 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2013.06.22 03:34:28 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2013.06.22 03:34:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2013.06.22 03:34:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2013.06.22 03:34:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2013.06.22 03:34:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2013.06.22 03:34:27 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2013.06.22 03:34:27 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2013.06.22 03:34:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2013.06.22 03:34:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2013.06.22 03:34:27 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2013.06.22 03:34:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2013.06.22 03:34:24 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2013.06.22 03:34:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2013.06.22 03:34:24 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2013.06.22 03:34:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2013.06.22 03:34:24 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2013.06.22 03:34:24 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2013.06.22 03:34:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2013.06.22 03:34:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2013.06.22 03:34:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2013.06.22 03:34:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2013.06.22 03:34:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2013.06.22 03:34:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2013.06.22 03:34:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2013.06.22 03:34:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2013.06.22 03:34:23 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2013.06.22 03:34:23 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2013.06.22 03:34:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2013.06.22 03:34:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2013.06.22 03:34:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2013.06.22 03:34:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2013.06.22 03:34:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2013.06.22 03:34:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2013.06.22 03:34:22 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2013.06.22 03:34:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2013.06.22 03:34:21 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2013.06.22 03:34:21 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2013.06.22 03:34:21 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2013.06.22 03:34:21 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2013.06.22 03:34:21 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2013.06.22 03:34:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2013.06.22 03:34:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2013.06.22 03:34:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2013.06.22 03:34:18 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2013.06.22 03:34:18 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2013.06.22 03:34:18 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2013.06.22 03:34:18 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2013.06.22 03:34:18 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2013.06.22 03:34:18 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2013.06.22 03:34:18 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2013.06.22 03:34:18 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2013.06.22 03:34:17 | 000,127,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2013.06.22 03:34:17 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2013.06.22 03:34:17 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2013.06.22 03:34:17 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2013.06.22 03:34:17 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2013.06.22 03:34:17 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2013.06.22 03:34:17 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2013.06.22 03:34:17 | 000,009,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2013.06.22 03:34:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2013.06.22 03:34:17 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2013.06.22 03:34:17 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2013.06.22 03:34:17 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2013.06.22 03:34:17 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2013.06.22 03:34:16 | 000,109,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2013.06.22 03:34:16 | 000,073,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2013.06.22 03:34:16 | 000,070,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2013.06.22 03:34:16 | 000,033,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2013.06.22 03:34:16 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2013.06.22 03:34:16 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2013.06.22 03:34:16 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2013.06.22 03:34:16 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2013.06.22 03:34:16 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2013.06.22 03:34:16 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2013.06.22 03:34:15 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2013.06.22 03:34:15 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2013.06.22 03:34:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2013.06.22 03:34:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2013.06.22 03:34:15 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2013.06.22 03:34:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2013.06.22 03:34:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2013.06.22 03:34:13 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2013.06.22 03:34:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü
[2013.06.22 03:34:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente
[2013.06.22 03:34:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart
[2013.06.22 03:34:00 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Vorlagen
[2013.06.22 03:34:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Favoriten
[2013.06.22 03:34:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop
[2013.06.22 03:33:33 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Microsoft
[2013.06.22 03:33:33 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten
[2013.06.22 03:27:11 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.06.22 03:27:11 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.06.22 02:57:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\Sun
[2013.06.22 02:57:09 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.06.22 02:57:08 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.06.22 02:57:08 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.06.22 02:57:02 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.06.22 02:57:01 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.06.22 02:57:01 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.06.22 02:26:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Microsoft Office
[2013.06.21 19:38:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsda
thomas frank mas
2013-07-07, 23:19
ten\Sun
[2013.06.21 19:37:40 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.06.21 19:35:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Sun
[2013.06.21 13:12:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Macromedia
[2013.06.21 12:27:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Microsoft Silverlight
[2013.06.21 11:45:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\McAfee
[2013.06.20 23:14:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Google
[2013.06.20 23:13:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Google
[2013.06.20 23:12:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\Google
[2013.06.20 23:08:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Adobe
[2013.06.20 23:05:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\Adobe
[2013.06.20 17:50:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\DivX
[2013.06.20 17:16:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\DriverTurbo
[2013.06.20 17:05:02 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2013.06.20 17:04:59 | 000,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2013.06.20 17:04:56 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2013.06.20 17:04:50 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2013.06.20 17:04:46 | 000,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2013.06.20 17:04:42 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2013.06.20 17:04:39 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2013.06.20 17:04:36 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2013.06.20 17:04:33 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2013.06.20 17:04:28 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2013.06.20 17:04:23 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2013.06.20 17:04:04 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2013.06.20 17:04:04 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2013.06.20 17:04:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2013.06.20 17:04:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2013.06.20 17:04:01 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2013.06.20 17:04:01 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2013.06.20 17:04:01 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2013.06.20 17:04:01 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2013.06.20 16:58:14 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Unsere Dokumente
[2013.06.20 16:04:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\Apple Computer
[2013.06.20 16:04:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Apple Computer
[2013.06.20 16:03:39 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2013.06.20 16:01:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Apple Computer
[2013.06.20 16:01:30 | 000,000,000 | ---D | C] -- C:\Programme\APPLE
[2013.06.20 16:01:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2013.06.20 16:00:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\Apple
[2013.06.20 15:59:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Apple
[2013.06.20 15:03:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien\Symantec
[2013.06.20 14:57:18 | 000,142,496 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013.06.20 14:57:18 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Symantec Shared
[2013.06.20 14:57:18 | 000,000,000 | ---D | C] -- C:\Programme\Symantec
[2013.06.20 14:56:38 | 000,934,488 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymEFA.sys
[2013.06.20 14:56:38 | 000,603,224 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.sys
[2013.06.20 14:56:38 | 000,396,760 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symtdi.sys
[2013.06.20 14:56:38 | 000,367,704 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymDS.sys
[2013.06.20 14:56:38 | 000,352,344 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symtdiv.sys
[2013.06.20 14:56:38 | 000,339,544 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symnets.sys
[2013.06.20 14:56:38 | 000,175,264 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Ironx86.sys
[2013.06.20 14:56:38 | 000,032,344 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtspx.sys
[2013.06.20 14:56:38 | 000,021,400 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymELAM.sys
[2013.06.20 14:56:37 | 000,134,744 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\ccSetx86.sys
[2013.06.20 14:56:05 | 000,000,000 | ---D | C] -- C:\Programme\Norton Internet Security
[2013.06.20 14:56:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Norton Internet Security
[2013.06.20 14:55:42 | 000,000,000 | ---D | C] -- C:\Programme\NortonInstaller
[2013.06.20 13:43:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\LogMeIn Rescue Applet
[2013.06.20 12:24:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\XnView
[2013.06.20 01:46:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien\NeroVision
[2013.06.20 01:46:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Ahead
[2013.06.20 01:45:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\FinalMediaPlayer
[2013.06.20 00:56:09 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshe.dll
[2013.06.20 00:56:09 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsar.dll
[2013.06.20 00:56:09 | 000,286,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll
[2013.06.20 00:56:09 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll
[2013.06.20 00:56:09 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll
[2013.06.20 00:56:09 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsel.dll
[2013.06.20 00:56:09 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll
[2013.06.20 00:56:09 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspt.dll
[2013.06.20 00:56:09 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsnl.dll
[2013.06.20 00:56:09 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll
[2013.06.20 00:56:09 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsesm.dll
[2013.06.20 00:56:09 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll
[2013.06.20 00:56:09 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll
[2013.06.20 00:56:09 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll
[2013.06.20 00:56:09 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshu.dll
[2013.06.20 00:56:09 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrstr.dll
[2013.06.20 00:56:09 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssl.dll
[2013.06.20 00:56:09 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssk.dll
[2013.06.20 00:56:09 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll
[2013.06.20 00:56:09 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsth.dll
[2013.06.20 00:56:09 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssv.dll
[2013.06.20 00:56:09 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsno.dll
[2013.06.20 00:56:09 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsda.dll
[2013.06.20 00:56:09 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfi.dll
[2013.06.20 00:56:09 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrseng.dll
[2013.06.20 00:56:09 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrscs.dll
[2013.06.20 00:56:09 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll
[2013.06.20 00:56:09 | 000,143,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2013.06.20 00:56:09 | 000,126,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll
[2013.06.20 00:56:07 | 015,494,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2013.06.20 00:56:07 | 000,108,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2013.06.20 00:55:57 | 000,054,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2013.06.20 00:38:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\NVIDIA
[2013.06.19 21:02:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS
[2013.06.19 21:02:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS\1404000.028
[2013.06.19 21:01:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\PCSettings
[2013.06.19 19:21:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\nView_Wallpaper
[2013.06.19 18:47:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\NortonInstaller
[2013.06.19 18:32:57 | 000,877,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco32.dll
[2013.06.19 18:13:26 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\IECompatCache
[2013.06.19 18:08:49 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\PrivacIE
[2013.06.19 18:07:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Windows Genuine Advantage
[2013.06.19 18:05:33 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\IETldCache
[2013.06.19 18:00:59 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013.06.19 17:59:01 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013.06.19 16:22:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\NPE
[2013.06.19 16:21:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü\Programme\Norton
[2013.06.19 16:21:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Norton
[2013.06.19 16:21:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton
[2013.06.19 12:56:26 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2013.06.19 12:56:26 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2013.06.19 12:56:26 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2013.06.19 12:56:25 | 002,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013.06.19 12:56:25 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013.06.19 12:56:25 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2013.06.19 12:56:24 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013.06.19 12:56:21 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2013.06.19 12:56:20 | 011,112,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013.06.19 12:40:11 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Common Files
[2013.06.19 12:38:28 | 000,029,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2013.06.19 12:34:41 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2013.06.19 12:34:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\TuneUp Utilities 2012
[2013.06.19 12:32:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\TuneUp Software
[2013.06.19 12:30:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\TuneUp Software
[2013.06.19 12:29:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2013.06.19 12:04:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\NVIDIA Corporation
[2013.06.19 12:04:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\NVIDIA
[2013.06.19 12:01:55 | 000,065,536 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2013.06.19 12:01:07 | 005,967,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvopencl.dll
[2013.06.19 12:01:04 | 019,189,760 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2013.06.19 12:01:03 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispgenco32.dll
[2013.06.19 12:01:02 | 007,536,640 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2013.06.19 12:01:02 | 002,581,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2013.06.19 12:01:02 | 001,869,088 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2013.06.19 12:01:02 | 001,010,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll
[2013.06.19 12:00:47 | 017,551,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2013.06.19 12:00:47 | 002,389,504 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2013.06.19 12:00:46 | 012,648,960 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2013.06.19 12:00:46 | 004,494,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2013.06.19 12:00:46 | 004,494,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_disp.dll
[2013.06.19 03:18:55 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2013.06.19 03:18:19 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2013.06.19 03:15:27 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013.06.19 03:14:17 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2013.06.19 03:12:24 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\UserData
[2013.06.19 03:11:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\Identities
[2013.06.19 03:10:12 | 002,152,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013.06.19 03:10:12 | 002,031,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013.06.19 03:10:11 | 002,195,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013.06.19 03:10:10 | 002,072,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2013.06.19 03:00:30 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2013.06.19 02:56:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Identities
[2013.06.19 02:54:58 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien\Eigene Musik
[2013.06.19 02:54:56 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien
[2013.06.19 02:54:56 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien\Eigene Bilder
[2013.06.19 02:54:44 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten\Microsoft
[2013.06.19 02:54:44 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\SendTo
[2013.06.19 02:54:44 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Recent
[2013.06.19 02:54:44 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Anwendungsdaten
[2013.06.19 02:54:44 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü\Programme\Zubehör
[2013.06.19 02:54:44 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü
[2013.06.19 02:54:44 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Favoriten
[2013.06.19 02:54:44 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü\Programme\Autostart
[2013.06.19 02:54:44 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Cookies
[2013.06.19 02:54:44 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Vorlagen
[2013.06.19 02:54:44 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Netzwerkumgebung
[2013.06.19 02:54:44 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen
[2013.06.19 02:54:44 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Druckumgebung
[2013.06.19 02:54:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2013.06.19 02:54:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop
[2013.06.19 02:45:14 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2013.06.19 02:45:13 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2013.06.19 02:45:13 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2013.06.19 02:45:12 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2013.06.19 02:45:11 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2013.06.19 02:45:10 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2013.06.19 02:45:10 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2013.06.19 02:45:10 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2013.06.19 02:45:09 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2013.06.19 02:45:08 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2013.06.19 02:45:08 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2013.06.19 02:45:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2013.06.19 02:45:08 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2013.06.19 02:45:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2013.06.19 02:45:07 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2013.06.19 02:45:07 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2013.06.19 02:45:07 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2013.06.19 02:45:06 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2013.06.19 02:45:03 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2013.06.19 02:45:03 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2013.06.19 02:45:03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2013.06.19 02:45:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2013.06.19 02:45:01 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2013.06.19 02:45:00 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2013.06.19 02:45:00 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2013.06.19 02:45:00 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2013.06.19 02:45:00 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2013.06.19 02:45:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2013.06.19 02:44:59 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2013.06.19 02:44:59 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2013.06.19 02:44:59 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2013.06.19 02:44:56 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2013.06.19 02:44:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2013.06.19 02:44:55 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2013.06.19 02:44:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2013.06.19 02:44:54 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2013.06.19 02:44:53 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2013.06.19 02:44:52 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2013.06.19 02:44:52 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2013.06.19 02:44:52 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2013.06.19 02:44:52 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2013.06.19 02:44:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2013.06.19 02:44:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2013.06.19 02:44:51 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2013.06.19 02:44:51 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2013.06.19 02:44:51 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2013.06.19 02:44:51 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2013.06.19 02:44:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2013.06.19 02:44:50 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2013.06.19 02:44:49 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2013.06.19 02:44:49 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2013.06.19 02:44:49 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2013.06.19 02:44:49 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2013.06.19 02:44:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2013.06.19 02:44:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2013.06.19 02:44:49 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2013.06.19 02:44:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2013.06.19 02:44:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2013.06.19 02:44:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2013.06.19 02:44:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2013.06.19 02:44:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2013.06.19 02:44:48 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2013.06.19 02:44:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2013.06.19 02:44:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2013.06.19 02:44:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2013.06.19 02:44:48 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2013.06.19 02:44:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2013.06.19 02:44:43 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2013.06.19 02:44:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2013.06.19 02:44:41 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2013.06.19 02:44:40 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013.06.19 02:44:40 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013.06.19 02:44:40 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2013.06.19 02:44:40 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2013.06.19 02:44:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2013.06.19 02:44:39 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2013.06.19 02:44:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2013.06.19 02:44:38 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2013.06.19 02:44:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2013.06.19 02:44:35 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2013.06.19 02:44:35 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2013.06.19 02:44:35 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2013.06.19 02:44:35 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2013.06.19 02:44:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2013.06.19 02:44:32 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2013.06.19 02:44:32 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2013.06.19 02:44:32 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2013.06.19 02:44:32 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2013.06.19 02:44:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2013.06.19 02:44:31 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2013.06.19 02:44:31 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2013.06.19 02:44:31 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2013.06.19 02:44:31 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2013.06.19 02:44:30 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2013.06.19 02:44:29 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2013.06.19 02:44:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2013.06.19 02:44:29 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2013.06.19 02:44:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2013.06.19 02:44:26 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2013.06.19 02:44:24 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2013.06.19 02:44:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2013.06.19 02:44:19 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2013.06.19 02:44:19 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2013.06.19 02:44:14 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2013.06.19 02:44:14 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2013.06.19 02:44:14 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2013.06.19 02:44:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2013.06.19 02:44:01 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2013.06.19 02:44:01 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2013.06.19 02:44:01 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2013.06.19 02:44:00 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2013.06.19 02:44:00 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2013.06.19 02:43:59 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2013.06.19 02:43:58 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2013.06.19 02:43:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2013.06.19 02:43:57 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2013.06.19 02:43:57 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2013.06.19 02:43:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2013.06.19 02:43:56 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2013.06.19 02:43:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2013.06.19 02:43:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2013.06.19 02:43:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2013.06.19 02:43:54 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2013.06.19 02:43:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2013.06.19 02:43:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2013.06.19 02:43:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2013.06.19 02:43:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2013.06.19 02:43:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2013.06.19 02:43:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2013.06.19 02:43:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2013.06.19 02:43:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2013.06.19 02:43:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2013.06.19 02:43:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2013.06.19 02:43:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2013.06.19 02:43:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2013.06.19 02:43:51 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2013.06.19 02:43:51 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2013.06.19 02:43:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2013.06.19 02:43:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2013.06.19 02:43:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2013.06.19 02:43:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2013.06.19 02:43:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2013.06.19 02:43:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2013.06.19 02:43:50 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2013.06.19 02:43:50 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2013.06.19 02:43:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2013.06.19 02:43:47 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2013.06.19 02:43:47 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2013.06.19 02:43:47 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2013.06.19 02:43:47 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2013.06.19 02:43:47 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2013.06.19 02:43:46 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2013.06.19 02:43:46 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2013.06.19 02:43:46 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2013.06.19 02:43:46 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2013.06.19 02:43:46 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2013.06.19 02:43:46 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2013.06.19 02:43:46 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2013.06.19 02:43:45 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2013.06.19 02:43:45 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2013.06.19 02:43:45 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2013.06.19 02:43:45 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2013.06.19 02:43:45 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2013.06.19 02:43:45 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2013.06.19 02:43:45 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2013.06.19 02:43:44 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2013.06.19 02:43:44 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2013.06.19 02:43:44 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2013.06.19 02:43:44 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2013.06.19 02:43:44 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2013.06.19 02:43:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2013.06.19 02:43:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2013.06.19 02:43:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2013.06.19 02:43:43 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2013.06.19 02:43:43 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2013.06.19 02:43:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2013.06.19 02:43:43 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2013.06.19 02:43:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2013.06.19 02:43:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2013.06.19 02:43:43 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2013.06.19 02:43:38 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2013.06.19 02:43:32 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2013.06.19 02:43:31 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2013.06.19 02:43:31 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2013.06.19 02:43:31 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2013.06.19 02:43:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2013.06.19 02:43:30 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2013.06.19 02:43:29 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2013.06.19 02:43:27 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2013.06.19 02:43:27 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2013.06.19 02:43:27 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2013.06.19 02:43:27 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2013.06.19 02:43:27 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2013.06.19 02:43:27 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2013.06.19 02:43:27 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2013.06.19 02:43:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2013.06.19 02:43:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2013.06.19 02:43:26 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2013.06.19 02:43:26 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2013.06.19 02:43:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2013.06.19 02:43:26 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2013.06.19 02:43:26 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2013.06.19 02:43:26 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2013.06.19 02:43:26 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2013.06.19 02:43:26 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2013.06.19 02:43:26 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2013.06.19 02:43:26 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2013.06.19 02:43:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2013.06.19 02:43:25 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2013.06.19 02:43:25 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2013.06.19 02:43:25 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2013.06.19 02:43:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2013.06.19 02:43:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2013.06.19 02:43:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2013.06.19 02:43:24 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2013.06.19 02:43:24 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2013.06.19 02:43:23 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2013.06.19 02:43:23 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2013.06.19 02:43:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2013.06.19 02:43:22 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2013.06.19 02:43:22 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2013.06.19 02:43:22 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2013.06.19 02:43:22 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2013.06.19 02:43:21 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2013.06.19 02:43:21 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2013.06.19 02:43:21 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2013.06.19 02:43:21 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2013.06.19 02:43:20 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2013.06.19 02:43:11 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2013.06.19 02:43:11 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2013.06.19 02:43:07 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2013.06.19 02:43:07 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2013.06.19 02:43:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2013.06.19 02:43:07 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2013.06.19 02:43:07 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2013.06.19 02:43:06 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2013.06.19 02:43:03 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2013.06.19 02:43:03 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2013.06.19 02:43:02 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2013.06.19 02:43:02 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2013.06.19 02:43:02 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2013.06.19 02:43:01 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2013.06.19 02:43:01 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2013.06.19 02:43:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2013.06.19 02:43:01 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2013.06.19 02:43:01 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2013.06.19 02:43:00 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2013.06.19 02:43:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
thomas frank mas
2013-07-07, 23:22
[2013.06.19 02:42:59 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2013.06.19 02:42:59 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013.06.19 02:42:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2013.06.19 02:42:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2013.06.19 02:42:52 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2013.06.19 02:42:50 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2013.06.19 02:42:49 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2013.06.19 02:42:49 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2013.06.19 02:42:49 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2013.06.19 02:42:49 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2013.06.19 02:42:48 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2013.06.19 02:42:48 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2013.06.19 02:42:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2013.06.19 02:42:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2013.06.19 02:42:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2013.06.19 02:42:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2013.06.19 02:42:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2013.06.19 02:42:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2013.06.19 02:42:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2013.06.19 02:42:44 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2013.06.19 02:42:44 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2013.06.19 02:42:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2013.06.19 02:42:39 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2013.06.19 02:42:38 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2013.06.19 02:42:38 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2013.06.19 02:42:38 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2013.06.19 02:42:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2013.06.19 02:42:38 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2013.06.19 02:42:36 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2013.06.19 02:42:36 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2013.06.19 02:42:27 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2013.06.19 02:42:27 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2013.06.19 02:42:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2013.06.19 02:42:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2013.06.19 02:42:26 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2013.06.19 02:42:26 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2013.06.19 02:42:26 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2013.06.19 02:42:26 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2013.06.19 02:42:26 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2013.06.19 02:42:26 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2013.06.19 02:42:26 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2013.06.19 02:42:26 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2013.06.19 02:42:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2013.06.19 02:42:25 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2013.06.19 02:42:25 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2013.06.19 02:42:25 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2013.06.19 02:42:25 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2013.06.19 02:42:25 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2013.06.19 02:42:25 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2013.06.19 02:42:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2013.06.19 02:42:24 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2013.06.19 02:42:24 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2013.06.19 02:42:24 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2013.06.19 02:42:24 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2013.06.19 02:42:24 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2013.06.19 02:42:24 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2013.06.19 02:42:24 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2013.06.19 02:42:24 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2013.06.19 02:42:24 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2013.06.19 02:42:23 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2013.06.19 02:42:23 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2013.06.19 02:42:23 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2013.06.19 02:42:23 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2013.06.19 02:42:22 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2013.06.19 02:42:22 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2013.06.19 02:42:22 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2013.06.19 02:42:22 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2013.06.19 02:42:22 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2013.06.19 02:42:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2013.06.19 02:42:21 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2013.06.19 02:42:21 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2013.06.19 02:41:00 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2013.06.19 02:39:35 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\DRM
[2013.06.19 02:38:20 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2013.06.19 02:38:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2013.06.19 02:38:20 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2013.06.19 02:38:20 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2013.06.19 02:38:20 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2013.06.19 02:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2013.06.19 02:38:13 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2013.06.19 02:38:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2013.06.19 02:38:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2013.06.19 02:38:12 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2013.06.19 02:38:12 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2013.06.19 02:38:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2013.06.19 02:38:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2013.06.19 02:38:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2013.06.19 02:38:10 | 000,727,614 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2013.06.19 02:38:10 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2013.06.19 02:38:09 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2013.06.19 02:38:08 | 000,329,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2013.06.19 02:38:08 | 000,210,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2013.06.19 02:38:08 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2013.06.19 02:38:08 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2013.06.19 02:38:08 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2013.06.19 02:38:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2013.06.19 02:38:07 | 001,135,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2013.06.19 02:38:07 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2013.06.19 02:38:07 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2013.06.19 02:38:07 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2013.06.19 02:38:07 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2013.06.19 02:38:07 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2013.06.19 02:38:07 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2013.06.19 02:38:07 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2013.06.19 02:38:07 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2013.06.19 02:38:07 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2013.06.19 02:38:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2013.06.19 02:38:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2013.06.19 02:38:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2013.06.19 02:38:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2013.06.19 02:37:54 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2013.06.19 02:37:54 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2013.06.19 02:37:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2013.06.19 02:37:54 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2013.06.19 02:37:54 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2013.06.19 02:37:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2013.06.19 02:37:53 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2013.06.19 02:37:50 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2013.06.19 02:37:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2013.06.19 02:37:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2013.06.19 02:37:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2013.06.19 02:37:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2013.06.19 02:37:49 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2013.06.19 02:37:49 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2013.06.19 02:37:48 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2013.06.19 02:37:48 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2013.06.19 02:37:48 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2013.06.19 02:37:47 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2013.06.19 02:37:47 | 000,385,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2013.06.19 02:37:47 | 000,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2013.06.19 02:37:47 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2013.06.19 02:37:47 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2013.06.19 02:37:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2013.06.19 02:37:46 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2013.06.19 02:37:46 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2013.06.19 02:37:46 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2013.06.19 02:37:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2013.06.19 02:37:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2013.06.19 02:37:46 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2013.06.19 02:37:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2013.06.19 02:37:46 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2013.06.19 02:37:46 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2013.06.19 02:37:46 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2013.06.19 02:37:46 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2013.06.19 02:37:45 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2013.06.19 02:37:45 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2013.06.19 02:37:45 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2013.06.19 02:37:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2013.06.19 02:37:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2013.06.19 02:37:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2013.06.19 02:37:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2013.06.19 02:37:45 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2013.06.19 02:37:45 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2013.06.19 02:37:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2013.06.19 02:37:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2013.06.19 02:37:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2013.06.19 02:37:44 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2013.06.19 02:37:44 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2013.06.19 02:37:44 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2013.06.19 02:37:44 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2013.06.19 02:37:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2013.06.19 02:37:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2013.06.19 02:37:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2013.06.19 02:37:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2013.06.19 02:37:44 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2013.06.19 02:37:44 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2013.06.19 02:37:44 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2013.06.19 02:37:44 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2013.06.19 02:37:30 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Bilder
[2013.06.19 02:36:51 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Spiele
[2013.06.19 02:36:17 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Verwaltung
[2013.06.19 02:36:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Musik
[2013.06.19 02:35:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2013.06.19 02:35:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2013.06.19 02:35:42 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2013.06.19 02:35:42 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2013.06.19 02:35:42 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2013.06.19 02:35:41 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2013.06.19 02:35:41 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2013.06.19 02:35:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2013.06.19 02:35:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2013.06.19 02:35:41 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2013.06.19 02:35:41 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2013.06.19 02:35:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2013.06.19 02:35:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2013.06.19 02:35:34 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2013.06.19 02:35:34 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2013.06.19 02:35:34 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2013.06.19 02:35:34 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2013.06.19 02:35:34 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2013.06.19 02:35:34 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2013.06.19 02:35:33 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2013.06.19 02:35:33 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2013.06.19 02:35:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2013.06.19 02:35:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2013.06.19 02:35:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2013.06.19 02:35:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2013.06.19 02:35:32 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2013.06.19 02:35:32 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2013.06.19 02:35:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2013.06.19 02:35:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2013.06.19 02:35:32 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2013.06.19 02:35:32 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2013.06.19 02:35:32 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2013.06.19 02:35:32 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2013.06.19 02:35:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2013.06.19 02:35:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2013.06.19 02:35:32 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2013.06.19 02:35:32 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2013.06.19 02:35:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2013.06.19 02:35:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2013.06.19 02:35:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2013.06.19 02:35:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2013.06.19 02:35:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2013.06.19 02:35:30 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2013.06.19 02:35:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2013.06.19 02:35:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2013.06.19 02:35:27 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2013.06.19 02:35:27 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2013.06.19 02:35:27 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2013.06.19 02:35:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2013.06.19 02:35:27 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2013.06.19 02:35:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2013.06.19 02:35:26 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2013.06.19 02:35:26 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2013.06.19 02:35:26 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2013.06.19 02:35:26 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2013.06.19 02:35:26 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2013.06.19 02:35:26 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2013.06.19 02:35:26 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2013.06.19 02:35:26 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2013.06.19 02:35:25 | 000,356,352 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2013.06.19 02:35:25 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2013.06.19 02:35:25 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2013.06.19 02:35:25 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2013.06.19 02:35:25 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2013.06.19 02:35:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2013.06.19 02:35:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2013.06.19 02:35:25 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2013.06.19 02:35:25 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2013.06.19 02:35:24 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2013.06.19 02:35:24 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2013.06.19 02:35:24 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2013.06.19 02:35:24 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2013.06.19 02:35:24 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2013.06.19 02:35:24 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2013.06.19 02:35:23 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2013.06.19 02:35:23 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll
[2013.06.19 02:35:23 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2013.06.19 02:35:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll
[2013.06.19 02:35:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2013.06.19 02:35:23 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2013.06.19 02:35:23 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2013.06.19 02:35:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2013.06.19 02:35:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll
[2013.06.19 02:35:23 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2013.06.19 02:35:23 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2013.06.19 02:35:22 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2013.06.19 02:35:22 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2013.06.19 02:35:22 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2013.06.19 02:35:22 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2013.06.19 02:35:22 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2013.06.19 02:35:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2013.06.19 02:35:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2013.06.19 02:35:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2013.06.19 02:35:22 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2013.06.19 02:35:22 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2013.06.19 02:35:21 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2013.06.19 02:35:21 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2013.06.19 02:35:21 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2013.06.19 02:35:21 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2013.06.19 02:35:21 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2013.06.19 02:35:21 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2013.06.19 02:35:21 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2013.06.19 02:35:21 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2013.06.19 02:35:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2013.06.19 02:35:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2013.06.19 02:35:21 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2013.06.19 02:35:21 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2013.06.19 02:35:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2013.06.19 02:35:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2013.06.19 02:35:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2013.06.19 02:35:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2013.06.19 02:35:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2013.06.19 02:35:20 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2013.06.19 02:35:20 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2013.06.19 02:35:20 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2013.06.19 02:35:20 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2013.06.19 02:35:20 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2013.06.19 02:35:20 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2013.06.19 02:35:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2013.06.19 02:35:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2013.06.19 02:35:19 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2013.06.19 02:35:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2013.06.19 02:35:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2013.06.19 02:35:19 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2013.06.19 02:35:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2013.06.19 02:35:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2013.06.19 02:35:19 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2013.06.19 02:35:19 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2013.06.19 02:35:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2013.06.19 02:35:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2013.06.19 02:35:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2013.06.19 02:35:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2013.06.19 02:35:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2013.06.19 02:35:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2013.06.19 02:35:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2013.06.19 02:35:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2013.06.19 02:35:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2013.06.19 02:35:18 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2013.06.19 02:35:18 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2013.06.19 02:35:18 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2013.06.19 02:35:18 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2013.06.19 02:35:18 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2013.06.19 02:35:18 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2013.06.19 02:35:18 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2013.06.19 02:35:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2013.06.19 02:35:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2013.06.19 02:35:17 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2013.06.19 02:35:17 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2013.06.19 02:35:17 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2013.06.19 02:35:15 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2013.06.19 02:35:15 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2013.06.19 02:35:15 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2013.06.19 02:35:15 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2013.06.19 02:35:15 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2013.06.19 02:35:15 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2013.06.19 02:35:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2013.06.19 02:35:14 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2013.06.19 02:35:14 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2013.06.19 02:35:14 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2013.06.19 02:35:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2013.06.19 02:35:14 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2013.06.19 02:35:14 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2013.06.19 02:35:14 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2013.06.19 02:35:14 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2013.06.19 02:35:14 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2013.06.19 02:35:14 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2013.06.19 02:35:14 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2013.06.19 02:35:14 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2013.06.19 02:35:14 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2013.06.19 02:35:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2013.06.19 02:35:14 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2013.06.19 02:35:14 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2013.06.19 02:35:13 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2013.06.19 02:35:13 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2013.06.19 02:35:13 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2013.06.19 02:35:13 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2013.06.19 02:35:13 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2013.06.19 02:35:13 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2013.06.19 02:35:13 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2013.06.19 02:35:13 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2013.06.19 02:35:13 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2013.06.19 02:35:13 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2013.06.19 02:35:13 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2013.06.19 02:35:13 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2013.06.19 02:35:12 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2013.06.19 02:35:12 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2013.06.19 02:35:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2013.06.19 02:35:11 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2013.06.19 02:35:11 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2013.06.19 02:35:11 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2013.06.19 02:35:11 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2013.06.19 02:35:11 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2013.06.19 02:35:11 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2013.06.19 02:35:11 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2013.06.19 02:35:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2013.06.19 02:35:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2013.06.19 02:35:01 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Videos
[2013.06.19 02:32:21 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Zubehör
[2013.06.18 23:52:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013.06.18 23:41:40 | 000,000,000 | ---D | C] -- C:\Programme\Messenger
[2013.06.18 18:57:09 | 000,000,000 | ---D | C] -- C:\$WIN_NT$.~BT
[2013.06.18 18:57:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2013.06.18 18:56:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2013.06.12 14:12:23 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013.06.11 15:59:37 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2013.06.11 15:58:51 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
========== Files - Modified Within 30 Days ==========
[2013.07.07 22:50:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.07.07 22:35:26 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.07.07 22:14:24 | 005,087,001 | R--- | M] (Swearware) -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\ComboFix.exe
[2013.07.07 21:01:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.07.07 20:59:33 | 000,000,670 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013.07.07 20:58:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.07.07 20:37:05 | 000,000,355 | RHS- | M] () -- C:\boot.ini
[2013.07.07 14:15:30 | 000,000,245 | ---- | M] () -- C:\Boot.bak
[2013.07.05 16:17:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\OTL.exe
[2013.07.05 15:07:50 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.05 15:06:25 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\mbam-setup-1.75.0.1300.exe
[2013.07.04 13:08:04 | 000,000,572 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\ERUNT.lnk
[2013.07.03 00:31:34 | 000,000,644 | ---- | M] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013.07.01 17:02:01 | 000,000,474 | ---- | M] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2013.06.30 13:51:45 | 000,002,651 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Outlook 2003.lnk
[2013.06.29 20:15:26 | 000,001,515 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\iTunes.lnk
[2013.06.29 19:28:42 | 000,449,428 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130703-003131.backup
[2013.06.29 18:42:36 | 000,001,999 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Spybot-S&D Start Center.lnk
[2013.06.28 21:14:21 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Final Media Player Update Checker.job
[2013.06.28 15:42:47 | 000,000,276 | ---- | M] () -- C:\WINDOWS\System\cmicnfg.ini
[2013.06.28 15:13:18 | 000,000,704 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\WizardInitConfig.cfg
[2013.06.28 14:57:00 | 000,001,550 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\GammaTray.lnk
[2013.06.28 02:07:49 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013.06.28 02:07:49 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013.06.28 02:07:34 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013.06.28 00:18:45 | 000,000,796 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Temporary Internet Files.lnk
[2013.06.27 20:25:28 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Google Earth.lnk
[2013.06.27 19:30:04 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013.06.27 19:30:04 | 000,007,611 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013.06.27 19:30:04 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013.06.25 19:15:18 | 000,000,762 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Windows Media Player.lnk
[2013.06.25 18:35:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.06.25 18:35:15 | 000,549,843 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Cat.DB
[2013.06.25 17:55:32 | 000,520,626 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.06.25 17:55:32 | 000,475,764 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.06.25 17:55:32 | 000,101,770 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.06.25 17:55:32 | 000,076,798 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.06.25 15:45:12 | 000,192,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.06.25 15:12:55 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Windows Search.lnk
[2013.06.25 15:10:47 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.06.25 15:10:47 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.06.25 15:08:22 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013.06.24 14:58:08 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Adobe Reader XI.lnk
[2013.06.24 14:47:54 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job
[2013.06.24 14:47:53 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\ProgramRefresh-ATFST.job
[2013.06.24 13:54:43 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys
[2013.06.24 13:54:43 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2013.06.24 13:23:49 | 000,000,956 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Netzwerkumgebung.lnk
[2013.06.24 12:50:49 | 041,404,760 | ---- | M] (Apple Inc.) -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien\QuickTimeSetup.exe
[2013.06.23 12:50:21 | 089,111,376 | ---- | M] (Apple Inc.) -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Eigene Dateien\iTunesSetup.exe
[2013.06.23 12:25:15 | 000,001,640 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\FinalMediaPlayer.lnk
[2013.06.22 22:46:21 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.06.22 22:45:57 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.22 22:45:57 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.22 22:15:58 | 000,000,906 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DVDVideoSoft Free Studio.lnk
[2013.06.22 21:33:08 | 000,001,486 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\DivX Movies.lnk
[2013.06.22 21:32:17 | 000,000,757 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DivX Plus Player.lnk
[2013.06.22 21:31:23 | 000,000,797 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DivX Plus Converter.lnk
[2013.06.22 21:23:21 | 000,000,000 | ---- | M] () -- C:\END
thomas frank mas
2013-07-07, 23:24
[2013.06.22 21:08:31 | 000,000,666 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Cyberduck.lnk
[2013.06.22 03:27:11 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.06.22 03:27:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.06.22 02:56:17 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.06.22 02:56:15 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.06.22 02:56:15 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.06.22 02:56:15 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.06.22 02:56:15 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.06.22 02:56:15 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.06.22 02:56:15 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.06.22 02:27:21 | 000,000,400 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2013.06.20 15:46:41 | 000,000,796 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\NVIDIA Controlpanel.lnk
[2013.06.20 12:25:48 | 000,000,586 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\XnView.lnk
[2013.06.20 01:29:32 | 000,001,210 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\xvideo.lnk
[2013.06.20 01:29:11 | 000,001,205 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\zspez.lnk
[2013.06.20 01:28:54 | 000,001,202 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\xppt.lnk
[2013.06.20 01:25:39 | 000,000,012 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2013.06.19 12:34:35 | 000,001,711 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.06.19 12:34:35 | 000,001,707 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp Utilities 2012.lnk
[2013.06.19 12:14:19 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2013.06.19 12:01:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013.06.19 03:22:25 | 000,000,709 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\PC Wizard.lnk
[2013.06.19 03:16:18 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Arbeitsplatz.lnk
[2013.06.19 03:15:59 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\OE.lnk
[2013.06.19 02:48:42 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2013.06.19 02:47:09 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2013.06.19 02:45:34 | 000,000,438 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.06.19 02:41:36 | 000,002,951 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.06.19 02:41:25 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013.06.19 02:41:00 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013.06.19 02:36:48 | 000,021,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.06.10 19:41:56 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\isolate.ini
========== Files Created - No Company Name ==========
[2013.07.07 20:36:59 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2013.07.07 20:26:49 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.07.07 20:26:49 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.07.07 20:26:49 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.07.07 20:26:49 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.07.07 20:26:49 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.07.05 15:07:50 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.04 13:08:03 | 000,000,572 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\ERUNT.lnk
[2013.06.29 20:15:26 | 000,001,515 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\iTunes.lnk
[2013.06.29 18:43:24 | 000,000,474 | ---- | C] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2013.06.29 18:43:22 | 000,000,644 | ---- | C] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013.06.29 18:43:20 | 000,000,670 | ---- | C] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013.06.29 18:42:37 | 000,002,005 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Spybot-S&D Start Center.lnk
[2013.06.29 18:42:35 | 000,001,999 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Spybot-S&D Start Center.lnk
[2013.06.28 15:13:18 | 000,000,704 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\WizardInitConfig.cfg
[2013.06.28 14:56:58 | 000,001,550 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\GammaTray.lnk
[2013.06.28 00:18:45 | 000,000,796 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Temporary Internet Files.lnk
[2013.06.28 00:08:12 | 000,000,276 | ---- | C] () -- C:\WINDOWS\System\cmicnfg.ini
[2013.06.27 20:25:27 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Google Earth.lnk
[2013.06.25 19:15:17 | 000,000,762 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Windows Media Player.lnk
[2013.06.25 17:34:53 | 000,015,449 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2013.06.25 15:12:54 | 000,001,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Search.lnk
[2013.06.25 15:12:54 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Windows Search.lnk
[2013.06.25 14:30:44 | 000,002,651 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Outlook 2003.lnk
[2013.06.24 13:54:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2013.06.24 13:08:31 | 000,000,956 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Netzwerkumgebung.lnk
[2013.06.23 12:23:13 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\ProgramRefresh-ATFST.job
[2013.06.23 12:23:12 | 000,000,374 | ---- | C] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job
[2013.06.23 12:22:40 | 000,000,366 | ---- | C] () -- C:\WINDOWS\tasks\Final Media Player Update Checker.job
[2013.06.23 12:22:28 | 000,001,640 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\FinalMediaPlayer.lnk
[2013.06.22 22:15:58 | 000,000,906 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DVDVideoSoft Free Studio.lnk
[2013.06.22 21:33:06 | 000,001,486 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\DivX Movies.lnk
[2013.06.22 21:32:17 | 000,000,757 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DivX Plus Player.lnk
[2013.06.22 21:31:23 | 000,000,797 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DivX Plus Converter.lnk
[2013.06.22 21:23:21 | 000,000,000 | ---- | C] () -- C:\END
[2013.06.22 21:08:31 | 000,000,666 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Cyberduck.lnk
[2013.06.22 04:31:36 | 000,000,438 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.06.22 03:34:46 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2013.06.22 03:34:43 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013.06.22 03:34:36 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.06.22 03:34:15 | 000,001,806 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013.06.22 03:33:57 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013.06.22 03:33:57 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2013.06.22 03:33:57 | 000,105,926 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2013.06.22 03:33:57 | 000,041,270 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013.06.22 03:33:57 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2013.06.22 03:33:57 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2013.06.22 03:33:57 | 000,021,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2013.06.22 03:33:57 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2013.06.22 03:33:57 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2013.06.22 03:33:57 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013.06.22 03:33:57 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2013.06.22 03:33:57 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2013.06.22 03:33:57 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013.06.22 03:33:57 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013.06.22 03:33:57 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2013.06.22 03:33:56 | 002,039,179 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2013.06.22 03:33:56 | 001,246,537 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2013.06.22 03:33:56 | 000,817,199 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013.06.22 03:33:56 | 000,631,338 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2013.06.22 03:32:58 | 000,192,976 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.06.22 03:27:16 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.22 02:27:21 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013.06.20 23:12:19 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.20 23:12:19 | 000,001,080 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.20 23:11:03 | 000,002,347 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Adobe Reader XI.lnk
[2013.06.20 23:11:03 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Adobe Reader XI.lnk
[2013.06.20 16:00:58 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.06.20 16:00:56 | 000,001,830 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Apple Software Update.lnk
[2013.06.20 15:46:41 | 000,000,796 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\NVIDIA Controlpanel.lnk
[2013.06.20 14:57:18 | 000,007,611 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013.06.20 14:57:18 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013.06.20 14:56:11 | 000,014,818 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymVTcer.dat
[2013.06.20 14:56:11 | 000,009,670 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymELAM.cat
[2013.06.20 14:56:11 | 000,008,067 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymNet.cat
[2013.06.20 14:56:11 | 000,008,059 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymDS.cat
[2013.06.20 14:56:11 | 000,008,059 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.cat
[2013.06.20 14:56:11 | 000,007,877 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symnetv.cat
[2013.06.20 14:56:11 | 000,007,667 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\ccsetx86.cat
[2013.06.20 14:56:11 | 000,007,593 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\iron.cat
[2013.06.20 14:56:11 | 000,007,583 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymEFA.cat
[2013.06.20 14:56:11 | 000,007,581 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtspx.cat
[2013.06.20 14:56:11 | 000,003,434 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymEFA.inf
[2013.06.20 14:56:11 | 000,002,852 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymDS.inf
[2013.06.20 14:56:11 | 000,001,468 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymNetV.inf
[2013.06.20 14:56:11 | 000,001,440 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymNet.inf
[2013.06.20 14:56:11 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtspx.inf
[2013.06.20 14:56:11 | 000,001,388 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.inf
[2013.06.20 14:56:11 | 000,000,996 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symELAM.inf
[2013.06.20 14:56:11 | 000,000,827 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\ccSetx86.inf
[2013.06.20 14:56:11 | 000,000,737 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Iron.inf
[2013.06.20 14:56:11 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\isolate.ini
[2013.06.20 12:25:48 | 000,000,586 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\XnView.lnk
[2013.06.20 01:27:19 | 000,001,202 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\xppt.lnk
[2013.06.20 01:27:15 | 000,001,205 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\zspez.lnk
[2013.06.20 01:27:10 | 000,001,210 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\xvideo.lnk
[2013.06.19 22:09:10 | 000,014,818 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\VT20130115.021
[2013.06.19 21:04:02 | 000,549,843 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Cat.DB
[2013.06.19 18:26:05 | 000,000,012 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2013.06.19 12:34:35 | 000,001,711 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.06.19 12:34:35 | 000,001,707 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp Utilities 2012.lnk
[2013.06.19 12:34:34 | 000,001,713 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\TuneUp Utilities 2012.lnk
[2013.06.19 12:14:19 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2013.06.19 12:01:49 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013.06.19 12:01:48 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013.06.19 12:01:48 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013.06.19 12:01:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013.06.19 12:01:02 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013.06.19 03:22:25 | 000,000,709 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\PC Wizard.lnk
[2013.06.19 03:16:18 | 000,000,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Arbeitsplatz.lnk
[2013.06.19 03:15:59 | 000,000,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\OE.lnk
[2013.06.19 03:08:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.06.19 03:08:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013.06.19 02:56:16 | 000,000,718 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü\Programme\Outlook Express.lnk
[2013.06.19 02:56:00 | 000,000,783 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü\Programme\Internet Explorer.lnk
[2013.06.19 02:54:44 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü\Programme\Remoteunterstützung.lnk
[2013.06.19 02:54:44 | 000,000,768 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü\Programme\Windows Media Player.lnk
[2013.06.19 02:47:09 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2013.06.19 02:45:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.06.19 02:44:31 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013.06.19 02:43:56 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013.06.19 02:43:46 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013.06.19 02:43:46 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013.06.19 02:43:44 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013.06.19 02:43:34 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013.06.19 02:43:30 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013.06.19 02:43:24 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2013.06.19 02:43:02 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013.06.19 02:41:36 | 000,002,951 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.06.19 02:41:24 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.06.19 02:41:24 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.06.19 02:41:23 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013.06.19 02:38:54 | 000,000,758 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Movie Maker.lnk
[2013.06.19 02:38:33 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013.06.19 02:38:19 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013.06.19 02:38:19 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013.06.19 02:38:13 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013.06.19 02:37:48 | 000,380,416 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2013.06.19 02:36:51 | 000,000,621 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Messenger.lnk
[2013.06.19 02:36:48 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.06.19 02:36:00 | 000,002,004 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\MSN.lnk
[2013.06.19 02:35:36 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe-Stuck.bmp
[2013.06.19 02:35:36 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Fächer.bmp
[2013.06.19 02:35:36 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2013.06.19 02:35:36 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotek.bmp
[2013.06.19 02:35:35 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Seifenblase.bmp
[2013.06.19 02:35:35 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Präriewind.bmp
[2013.06.19 02:35:35 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Granit.bmp
[2013.06.19 02:35:35 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Angler.bmp
[2013.06.19 02:35:35 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kaffeetasse.bmp
[2013.06.19 02:35:35 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Feder.bmp
[2013.06.19 02:35:35 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blaue Spitzen 16.bmp
[2013.06.19 02:35:32 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2013.06.19 02:35:32 | 000,001,237 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013.06.19 02:35:31 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2013.06.19 02:35:25 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2013.06.18 18:58:24 | 000,000,245 | ---- | C] () -- C:\Boot.bak
[2013.06.18 18:58:22 | 000,476,395 | R--- | C] () -- C:\txtsetup.sif
[2013.06.18 18:58:22 | 000,262,464 | R--- | C] () -- C:\$LDR$
========== ZeroAccess Check ==========
[2013.06.25 15:16:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.04.26 03:59:04 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
Open OTL.exe
Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320
[2013.06.29 19:28:42 | 000,449,428 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130703-003131.backup
:Services
:Reg
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Then click the Run Fix button at the top. <--Not run Scan
Let the program run unhindered, reboot when it is done
Then post the results of the log it produces
Then run a new scan with OTL and post the log
Go here (http://www.bleepingcomputer.com/download/adwcleaner/dl/125/) and download AdwCleaner to your desktop
Double click on AdwCleaner.exe to run the tool.
Click on Delete
A logfile will automatically open after the scan has finished.
Please post the content of that logfile in your reply.
You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.
http://i24.photobucket.com/albums/c30/ken545/AdwareCleaner.jpg
thomas frank mas
2013-07-08, 22:49
Hi Ken!
Sorry to answer so late. Was absent. OTL did not run realy. Stopped at "killing process. DO NOT INTERRUPT". As before i shut down the computer and replied. What to do?
Did you run it in Safemode as we discussed earlier ?
thomas frank mas
2013-07-08, 23:20
No I did not. Shall I repeat all mesures in Safemode?
Yes please do. But AdwCleaner should run just fine in normal windows
thomas frank mas
2013-07-09, 00:46
All processes killed
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
C:\WINDOWS\system32\drivers\etc\hosts.20130703-003131.backup moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: All Users.WINDOWS
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService.NT-AUTORITÄT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService.NT-AUTORITÄT.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: NetworkService.NT-AUTORITÄT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: NetworkService.NT-AUTORITÄT.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33208 bytes
User: Tom
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Tom.FRANK-B
->Temp folder emptied: 2612 bytes
->Temporary Internet Files folder emptied: 8910704 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 492 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: UpdatusUser.FRANK-B
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17385 bytes
RecycleBin emptied: 340016 bytes
Total Files Cleaned = 9,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 07082013_235912
Files\Folders moved on Reboot...
C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WFNWBCS8\f_b[1].eot moved successfully.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WFNWBCS8\f_h[1].eot moved successfully.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WFNWBCS8\f_l[1].eot moved successfully.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WFNWBCS8\f_r[1].eot moved successfully.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Temporary Internet Files\Content.IE5\TIEEM0BF\upc_at[4].htm moved successfully.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Temporary Internet Files\Content.IE5\S0T55V22\showthread[2].htm moved successfully.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
thomas frank mas
2013-07-09, 01:01
OTL logfile created on: 09.07.2013 00:29:43 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 81,86% Memory free
3,85 Gb Paging File | 3,67 Gb Available in Paging File | 95,39% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 44,79 Gb Free Space | 60,11% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 43,15 Gb Free Space | 28,95% Space Free | Partition Type: NTFS
Computer Name: FRANK-B | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Programme\NVIDIA Corporation\nView\nvShell.dll ()
========== Services (SafeList) ==========
SRV - (SDWSCService) -- C:\Programme\Safer Networking\Spybot File not found
SRV - (SDUpdateService) -- C:\Programme\Safer Networking\Spybot File not found
SRV - (SDScannerService) -- C:\Programme\Safer Networking\Spybot File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (NIS) -- C:\Programme\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (Symantec Corporation)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (LBTServ) -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (Apple Mobile Device) -- c:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (IDSxpx86) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130706.002\IDSXpx86.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130708.002\NAVEX15.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130708.002\NAVENG.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\SymEFA.sys (Symantec Corporation)
DRV - (SymDS) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\SymDS.sys (Symantec Corporation)
DRV - (BHDrvx86) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130702.001\BHDrvx86.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\srtsp.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\symtdi.sys (Symantec Corporation)
DRV - (ccSet_NIS) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\ccSetx86.sys (Symantec Corporation)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\Ironx86.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\srtspx.sys (Symantec Corporation)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LUsbFilt) -- C:\WINDOWS\system32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LBeepKE) -- C:\WINDOWS\system32\drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (cpuz135) -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys (CPUID)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (MagicTune) -- C:\WINDOWS\system32\drivers\MTiCtwl.sys (Samsung Electronics, Inc. )
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (VIAudio) -- C:\WINDOWS\system32\drivers\ac97via.sys (VIA Technologies, Inc.)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {7A9335EE-C65E-4F2D-A40D-BE16B14FC07F}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{7A9335EE-C65E-4F2D-A40D-BE16B14FC07F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://at.msn.com/?rd=1&ucc=AT&dcc=AT&opt=0&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 46 D5 F9 C5 28 7C CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {7A9335EE-C65E-4F2D-A40D-BE16B14FC07F}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\APPLE\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFFPlgn\ [2013.06.20 15:02:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\ [2013.07.08 18:58:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.06.22 21:33:03 | 000,000,000 | ---D | M]
[2013.03.28 00:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
O1 HOSTS File: ([2013.07.07 22:35:26 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] c:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EvtMgr6] C:\Programme\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Programme\APPLE\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MagicTuneLauncher] C:\Programme\MagicTune Premium\MagicTuneLauncher.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SDTray] C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\GammaTray.lnk = C:\Programme\MagicTune Premium\GammaTray.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1371604349625 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D6775AE-C5DE-4202-A172-E809EB93E068}: DhcpNameServer = 212.186.211.21 195.34.133.21
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.10.17 12:37:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.07.09 00:16:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Macromedia
[2013.07.09 00:16:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe
[2013.07.09 00:16:21 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\PrivacIE
[2013.07.07 23:26:35 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.07.07 20:36:54 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.07.07 20:26:49 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.07.07 20:26:49 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.07.07 20:26:49 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.07.07 20:26:49 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.07.07 20:25:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.07.07 20:24:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.07.07 13:44:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Windows Search
[2013.07.07 13:36:33 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\IETldCache
[2013.07.07 13:35:35 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft
[2013.07.07 13:35:35 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten
[2013.07.07 13:35:35 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\Cookies
[2013.07.07 13:35:35 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen
[2013.07.07 13:35:35 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Druckumgebung
[2013.07.07 13:35:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2013.07.07 13:35:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Favoriten
[2013.07.07 13:35:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop
[2013.07.07 13:35:34 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\SendTo
[2013.07.07 13:35:34 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Zubehör
[2013.07.07 13:35:34 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü
[2013.07.07 13:35:34 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart
[2013.07.07 13:35:34 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Vorlagen
[2013.07.07 13:35:34 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent
[2013.07.07 13:35:34 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Netzwerkumgebung
[2013.07.06 00:31:07 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.07.05 15:07:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.07.05 15:07:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Malwarebytes
[2013.07.05 15:07:44 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.07.05 15:07:43 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2013.07.04 13:08:00 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT
[2013.07.04 13:08:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\ERUNT
[2013.06.29 20:15:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\iTunes
[2013.06.29 20:13:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.06.29 18:42:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Spybot - Search & Destroy 2
[2013.06.29 18:42:20 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\System32\sdnclean.exe
[2013.06.29 13:09:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Spybot - Search & Destroy
[2013.06.29 12:20:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2013.06.29 12:20:43 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2013.06.29 12:20:42 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2013.06.28 20:57:13 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\ac97via.sys
[2013.06.28 20:57:13 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2013.06.28 14:56:37 | 000,102,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\IMEKR70.IME
[2013.06.28 14:56:33 | 000,014,336 | ---- | C] (Samsung Electronics, Inc. ) -- C:\WINDOWS\System32\drivers\MTiCtwl.sys
[2013.06.27 20:25:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Google Earth
[2013.06.26 14:31:28 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Jaksta Technologies
[2013.06.25 18:35:14 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2013.06.25 16:24:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2013.06.25 16:24:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2013.06.25 15:19:22 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2013.06.25 15:19:22 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2013.06.25 15:19:22 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2013.06.25 15:19:22 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2013.06.25 15:19:21 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2013.06.25 15:19:21 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2013.06.25 15:19:20 | 000,000,000 | ---D | C] -- C:\ca9b08492440786b47e613
[2013.06.25 15:11:01 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2013.06.24 13:54:43 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys
[2013.06.24 13:54:26 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll
[2013.06.24 13:52:50 | 000,012,808 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LBeepKE.sys
[2013.06.24 13:52:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Logitech
[2013.06.24 13:52:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Logishrd
[2013.06.24 12:54:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\QuickTime
[2013.06.23 13:24:50 | 006,112,864 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2013.06.23 12:22:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\FinalMediaPlayer
[2013.06.23 12:17:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\APN
[2013.06.22 22:27:19 | 000,022,664 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\L8042Kbd.sys
[2013.06.22 22:23:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Logishrd
[2013.06.22 22:15:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\DVDVideoSoft
[2013.06.22 22:01:24 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdrom.sys
[2013.06.22 22:01:22 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imapi2fs.dll
[2013.06.22 22:01:22 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi2fs.dll
[2013.06.22 22:01:22 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imapi2.dll
[2013.06.22 22:01:22 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi2.dll
[2013.06.22 21:30:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\DivX Plus
[2013.06.22 21:30:06 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DivX Shared
[2013.06.22 20:53:29 | 000,000,000 | ---D | C] -- C:\TEMP
[2013.06.22 03:40:11 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe
[2013.06.22 03:40:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll
[2013.06.22 03:40:06 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irsir.sys
[2013.06.22 03:39:41 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2013.06.22 03:39:13 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTL8139.sys
[2013.06.22 03:34:28 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2013.06.22 03:34:28 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2013.06.22 03:34:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2013.06.22 03:34:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2013.06.22 03:34:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2013.06.22 03:34:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2013.06.22 03:34:27 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2013.06.22 03:34:27 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2013.06.22 03:34:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2013.06.22 03:34:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2013.06.22 03:34:27 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2013.06.22 03:34:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2013.06.22 03:34:24 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2013.06.22 03:34:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2013.06.22 03:34:24 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2013.06.22 03:34:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2013.06.22 03:34:24 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2013.06.22 03:34:24 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2013.06.22 03:34:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2013.06.22 03:34:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2013.06.22 03:34:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2013.06.22 03:34:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2013.06.22 03:34:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2013.06.22 03:34:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2013.06.22 03:34:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2013.06.22 03:34:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2013.06.22 03:34:23 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2013.06.22 03:34:23 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2013.06.22 03:34:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2013.06.22 03:34:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2013.06.22 03:34:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2013.06.22 03:34:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2013.06.22 03:34:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2013.06.22 03:34:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2013.06.22 03:34:22 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2013.06.22 03:34:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2013.06.22 03:34:21 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2013.06.22 03:34:21 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2013.06.22 03:34:21 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2013.06.22 03:34:21 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2013.06.22 03:34:21 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2013.06.22 03:34:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2013.06.22 03:34:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2013.06.22 03:34:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2013.06.22 03:34:18 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2013.06.22 03:34:18 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2013.06.22 03:34:18 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2013.06.22 03:34:18 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2013.06.22 03:34:18 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2013.06.22 03:34:18 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2013.06.22 03:34:18 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2013.06.22 03:34:18 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2013.06.22 03:34:17 | 000,127,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2013.06.22 03:34:17 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2013.06.22 03:34:17 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2013.06.22 03:34:17 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2013.06.22 03:34:17 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2013.06.22 03:34:17 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2013.06.22 03:34:17 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2013.06.22 03:34:17 | 000,009,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2013.06.22 03:34:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2013.06.22 03:34:17 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2013.06.22 03:34:17 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2013.06.22 03:34:17 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2013.06.22 03:34:17 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2013.06.22 03:34:16 | 000,109,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2013.06.22 03:34:16 | 000,073,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2013.06.22 03:34:16 | 000,070,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2013.06.22 03:34:16 | 000,033,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2013.06.22 03:34:16 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2013.06.22 03:34:16 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2013.06.22 03:34:16 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2013.06.22 03:34:16 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2013.06.22 03:34:16 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2013.06.22 03:34:16 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2013.06.22 03:34:15 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2013.06.22 03:34:15 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2013.06.22 03:34:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2013.06.22 03:34:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2013.06.22 03:34:15 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2013.06.22 03:34:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2013.06.22 03:34:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2013.06.22 03:34:13 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2013.06.22 03:34:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü
[2013.06.22 03:34:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente
[2013.06.22 03:34:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart
[2013.06.22 03:34:00 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Vorlagen
[2013.06.22 03:34:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Favoriten
[2013.06.22 03:34:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop
[2013.06.22 03:33:33 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Microsoft
[2013.06.22 03:33:33 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten
[2013.06.22 03:27:11 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.06.22 03:27:11 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.06.22 02:57:09 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.06.22 02:57:08 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.06.22 02:57:08 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.06.22 02:57:02 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.06.22 02:57:01 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.06.22 02:57:01 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.06.22 02:26:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Microsoft Office
[2013.06.21 19:38:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Sun
[2013.06.21 19:37:40 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.06.21 12:27:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Microsoft Silverlight
[2013.06.21 11:45:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\McAfee
[2013.06.20 23:13:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Google
[2013.06.20 23:08:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Adobe
[2013.06.20 17:50:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\DivX
[2013.06.20 17:05:02 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2013.06.20 17:04:59 | 000,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2013.06.20 17:04:56 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2013.06.20 17:04:50 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2013.06.20 17:04:46 | 000,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2013.06.20 17:04:42 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2013.06.20 17:04:39 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2013.06.20 17:04:36 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2013.06.20 17:04:33 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2013.06.20 17:04:28 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2013.06.20 17:04:23 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2013.06.20 17:04:04 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2013.06.20 17:04:04 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2013.06.20 17:04:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2013.06.20 17:04:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2013.06.20 17:04:01 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2013.06.20 17:04:01 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2013.06.20 17:04:01 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2013.06.20 17:04:01 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2013.06.20 16:03:39 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2013.06.20 16:01:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Apple Computer
[2013.06.20 16:01:30 | 000,000,000 | ---D | C] -- C:\Programme\APPLE
[2013.06.20 16:01:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2013.06.20 15:59:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Apple
[2013.06.20 14:57:18 | 000,142,496 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013.06.20 14:57:18 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Symantec Shared
[2013.06.20 14:57:18 | 000,000,000 | ---D | C] -- C:\Programme\Symantec
[2013.06.20 14:56:38 | 000,934,488 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymEFA.sys
[2013.06.20 14:56:38 | 000,603,224 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.sys
[2013.06.20 14:56:38 | 000,396,760 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symtdi.sys
[2013.06.20 14:56:38 | 000,367,704 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymDS.sys
[2013.06.20 14:56:38 | 000,352,344 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symtdiv.sys
[2013.06.20 14:56:38 | 000,339,544 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symnets.sys
[2013.06.20 14:56:38 | 000,175,264 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Ironx86.sys
[2013.06.20 14:56:38 | 000,032,344 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtspx.sys
[2013.06.20 14:56:38 | 000,021,400 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymELAM.sys
[2013.06.20 14:56:37 | 000,134,744 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\ccSetx86.sys
[2013.06.20 14:56:05 | 000,000,000 | ---D | C] -- C:\Programme\Norton Internet Security
[2013.06.20 14:56:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Norton Internet Security
[2013.06.20 14:55:42 | 000,000,000 | ---D | C] -- C:\Programme\NortonInstaller
thomas frank mas
2013-07-09, 01:03
[2013.06.20 00:56:09 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshe.dll
[2013.06.20 00:56:09 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsar.dll
[2013.06.20 00:56:09 | 000,286,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll
[2013.06.20 00:56:09 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll
[2013.06.20 00:56:09 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll
[2013.06.20 00:56:09 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsel.dll
[2013.06.20 00:56:09 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll
[2013.06.20 00:56:09 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspt.dll
[2013.06.20 00:56:09 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsnl.dll
[2013.06.20 00:56:09 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll
[2013.06.20 00:56:09 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsesm.dll
[2013.06.20 00:56:09 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll
[2013.06.20 00:56:09 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll
[2013.06.20 00:56:09 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll
[2013.06.20 00:56:09 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshu.dll
[2013.06.20 00:56:09 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrstr.dll
[2013.06.20 00:56:09 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssl.dll
[2013.06.20 00:56:09 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssk.dll
[2013.06.20 00:56:09 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll
[2013.06.20 00:56:09 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsth.dll
[2013.06.20 00:56:09 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssv.dll
[2013.06.20 00:56:09 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsno.dll
[2013.06.20 00:56:09 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsda.dll
[2013.06.20 00:56:09 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfi.dll
[2013.06.20 00:56:09 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrseng.dll
[2013.06.20 00:56:09 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrscs.dll
[2013.06.20 00:56:09 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll
[2013.06.20 00:56:09 | 000,143,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2013.06.20 00:56:09 | 000,126,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll
[2013.06.20 00:56:07 | 015,494,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2013.06.20 00:56:07 | 000,108,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2013.06.20 00:55:57 | 000,054,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2013.06.19 21:02:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS
[2013.06.19 21:02:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS\1404000.028
[2013.06.19 21:01:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\PCSettings
[2013.06.19 18:47:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\NortonInstaller
[2013.06.19 18:32:57 | 000,877,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco32.dll
[2013.06.19 18:07:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Windows Genuine Advantage
[2013.06.19 18:00:59 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013.06.19 17:59:01 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013.06.19 16:21:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Norton
[2013.06.19 16:21:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton
[2013.06.19 12:56:26 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2013.06.19 12:56:26 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2013.06.19 12:56:26 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2013.06.19 12:56:25 | 002,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013.06.19 12:56:25 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013.06.19 12:56:25 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2013.06.19 12:56:24 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013.06.19 12:56:21 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2013.06.19 12:56:20 | 011,112,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013.06.19 12:40:11 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Common Files
[2013.06.19 12:38:28 | 000,029,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2013.06.19 12:34:41 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2013.06.19 12:34:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\TuneUp Utilities 2012
[2013.06.19 12:30:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\TuneUp Software
[2013.06.19 12:29:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2013.06.19 12:04:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\NVIDIA Corporation
[2013.06.19 12:04:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\NVIDIA
[2013.06.19 12:01:55 | 000,065,536 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2013.06.19 12:01:07 | 005,967,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvopencl.dll
[2013.06.19 12:01:04 | 019,189,760 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2013.06.19 12:01:03 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispgenco32.dll
[2013.06.19 12:01:02 | 007,536,640 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2013.06.19 12:01:02 | 002,581,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2013.06.19 12:01:02 | 001,869,088 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2013.06.19 12:01:02 | 001,010,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll
[2013.06.19 12:00:47 | 017,551,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2013.06.19 12:00:47 | 002,389,504 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2013.06.19 12:00:46 | 012,648,960 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2013.06.19 12:00:46 | 004,494,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2013.06.19 12:00:46 | 004,494,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_disp.dll
[2013.06.19 03:18:55 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2013.06.19 03:18:19 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2013.06.19 03:15:27 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013.06.19 03:14:17 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2013.06.19 03:10:12 | 002,152,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013.06.19 03:10:12 | 002,031,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013.06.19 03:10:11 | 002,195,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013.06.19 03:10:10 | 002,072,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2013.06.19 03:00:30 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2013.06.19 02:45:14 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2013.06.19 02:45:13 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2013.06.19 02:45:13 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2013.06.19 02:45:12 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2013.06.19 02:45:11 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2013.06.19 02:45:10 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2013.06.19 02:45:10 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2013.06.19 02:45:10 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2013.06.19 02:45:09 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2013.06.19 02:45:08 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2013.06.19 02:45:08 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2013.06.19 02:45:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2013.06.19 02:45:08 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2013.06.19 02:45:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2013.06.19 02:45:07 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2013.06.19 02:45:07 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2013.06.19 02:45:07 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2013.06.19 02:45:06 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2013.06.19 02:45:03 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2013.06.19 02:45:03 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2013.06.19 02:45:03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2013.06.19 02:45:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2013.06.19 02:45:01 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2013.06.19 02:45:00 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2013.06.19 02:45:00 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2013.06.19 02:45:00 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2013.06.19 02:45:00 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2013.06.19 02:45:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2013.06.19 02:44:59 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2013.06.19 02:44:59 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2013.06.19 02:44:59 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2013.06.19 02:44:56 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2013.06.19 02:44:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2013.06.19 02:44:55 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2013.06.19 02:44:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2013.06.19 02:44:54 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2013.06.19 02:44:53 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2013.06.19 02:44:52 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2013.06.19 02:44:52 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2013.06.19 02:44:52 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2013.06.19 02:44:52 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2013.06.19 02:44:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2013.06.19 02:44:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2013.06.19 02:44:51 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2013.06.19 02:44:51 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2013.06.19 02:44:51 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2013.06.19 02:44:51 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2013.06.19 02:44:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2013.06.19 02:44:50 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2013.06.19 02:44:49 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2013.06.19 02:44:49 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2013.06.19 02:44:49 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2013.06.19 02:44:49 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2013.06.19 02:44:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2013.06.19 02:44:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2013.06.19 02:44:49 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2013.06.19 02:44:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2013.06.19 02:44:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2013.06.19 02:44:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2013.06.19 02:44:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2013.06.19 02:44:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2013.06.19 02:44:48 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2013.06.19 02:44:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2013.06.19 02:44:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2013.06.19 02:44:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2013.06.19 02:44:48 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2013.06.19 02:44:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2013.06.19 02:44:43 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2013.06.19 02:44:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2013.06.19 02:44:41 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2013.06.19 02:44:40 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013.06.19 02:44:40 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013.06.19 02:44:40 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2013.06.19 02:44:40 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2013.06.19 02:44:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2013.06.19 02:44:39 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2013.06.19 02:44:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2013.06.19 02:44:38 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2013.06.19 02:44:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2013.06.19 02:44:35 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2013.06.19 02:44:35 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2013.06.19 02:44:35 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2013.06.19 02:44:35 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2013.06.19 02:44:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2013.06.19 02:44:32 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2013.06.19 02:44:32 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2013.06.19 02:44:32 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2013.06.19 02:44:32 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2013.06.19 02:44:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2013.06.19 02:44:31 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2013.06.19 02:44:31 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2013.06.19 02:44:31 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2013.06.19 02:44:31 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2013.06.19 02:44:30 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2013.06.19 02:44:29 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2013.06.19 02:44:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2013.06.19 02:44:29 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2013.06.19 02:44:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2013.06.19 02:44:26 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2013.06.19 02:44:24 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2013.06.19 02:44:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2013.06.19 02:44:19 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2013.06.19 02:44:19 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2013.06.19 02:44:14 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2013.06.19 02:44:14 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2013.06.19 02:44:14 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2013.06.19 02:44:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2013.06.19 02:44:01 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2013.06.19 02:44:01 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2013.06.19 02:44:01 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2013.06.19 02:44:00 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2013.06.19 02:44:00 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2013.06.19 02:43:59 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2013.06.19 02:43:58 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2013.06.19 02:43:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2013.06.19 02:43:57 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2013.06.19 02:43:57 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2013.06.19 02:43:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2013.06.19 02:43:56 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2013.06.19 02:43:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2013.06.19 02:43:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2013.06.19 02:43:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2013.06.19 02:43:54 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2013.06.19 02:43:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2013.06.19 02:43:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2013.06.19 02:43:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2013.06.19 02:43:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2013.06.19 02:43:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2013.06.19 02:43:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2013.06.19 02:43:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2013.06.19 02:43:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2013.06.19 02:43:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2013.06.19 02:43:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2013.06.19 02:43:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2013.06.19 02:43:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2013.06.19 02:43:51 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2013.06.19 02:43:51 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2013.06.19 02:43:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2013.06.19 02:43:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2013.06.19 02:43:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2013.06.19 02:43:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2013.06.19 02:43:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2013.06.19 02:43:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2013.06.19 02:43:50 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2013.06.19 02:43:50 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2013.06.19 02:43:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2013.06.19 02:43:47 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2013.06.19 02:43:47 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2013.06.19 02:43:47 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2013.06.19 02:43:47 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2013.06.19 02:43:47 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2013.06.19 02:43:46 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2013.06.19 02:43:46 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2013.06.19 02:43:46 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2013.06.19 02:43:46 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2013.06.19 02:43:46 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2013.06.19 02:43:46 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2013.06.19 02:43:46 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2013.06.19 02:43:45 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2013.06.19 02:43:45 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2013.06.19 02:43:45 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2013.06.19 02:43:45 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2013.06.19 02:43:45 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2013.06.19 02:43:45 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2013.06.19 02:43:45 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2013.06.19 02:43:44 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2013.06.19 02:43:44 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2013.06.19 02:43:44 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2013.06.19 02:43:44 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2013.06.19 02:43:44 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2013.06.19 02:43:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2013.06.19 02:43:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2013.06.19 02:43:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2013.06.19 02:43:43 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2013.06.19 02:43:43 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2013.06.19 02:43:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2013.06.19 02:43:43 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2013.06.19 02:43:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2013.06.19 02:43:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2013.06.19 02:43:43 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2013.06.19 02:43:38 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2013.06.19 02:43:32 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2013.06.19 02:43:31 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2013.06.19 02:43:31 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2013.06.19 02:43:31 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2013.06.19 02:43:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2013.06.19 02:43:30 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2013.06.19 02:43:29 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2013.06.19 02:43:27 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2013.06.19 02:43:27 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2013.06.19 02:43:27 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2013.06.19 02:43:27 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2013.06.19 02:43:27 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2013.06.19 02:43:27 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2013.06.19 02:43:27 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2013.06.19 02:43:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2013.06.19 02:43:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2013.06.19 02:43:26 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2013.06.19 02:43:26 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2013.06.19 02:43:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2013.06.19 02:43:26 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2013.06.19 02:43:26 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2013.06.19 02:43:26 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2013.06.19 02:43:26 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2013.06.19 02:43:26 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2013.06.19 02:43:26 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2013.06.19 02:43:26 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2013.06.19 02:43:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2013.06.19 02:43:25 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2013.06.19 02:43:25 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2013.06.19 02:43:25 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2013.06.19 02:43:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2013.06.19 02:43:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2013.06.19 02:43:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2013.06.19 02:43:24 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2013.06.19 02:43:24 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2013.06.19 02:43:23 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2013.06.19 02:43:23 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2013.06.19 02:43:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2013.06.19 02:43:22 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2013.06.19 02:43:22 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2013.06.19 02:43:22 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2013.06.19 02:43:22 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2013.06.19 02:43:21 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2013.06.19 02:43:21 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2013.06.19 02:43:21 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2013.06.19 02:43:21 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2013.06.19 02:43:20 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2013.06.19 02:43:11 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
thomas frank mas
2013-07-09, 01:05
[2013.06.19 02:43:11 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2013.06.19 02:43:07 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2013.06.19 02:43:07 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2013.06.19 02:43:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2013.06.19 02:43:07 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2013.06.19 02:43:07 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2013.06.19 02:43:06 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2013.06.19 02:43:03 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2013.06.19 02:43:03 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2013.06.19 02:43:02 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2013.06.19 02:43:02 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2013.06.19 02:43:02 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2013.06.19 02:43:01 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2013.06.19 02:43:01 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2013.06.19 02:43:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2013.06.19 02:43:01 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2013.06.19 02:43:01 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2013.06.19 02:43:00 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2013.06.19 02:43:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2013.06.19 02:42:59 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2013.06.19 02:42:59 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013.06.19 02:42:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2013.06.19 02:42:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2013.06.19 02:42:52 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2013.06.19 02:42:50 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2013.06.19 02:42:49 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2013.06.19 02:42:49 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2013.06.19 02:42:49 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2013.06.19 02:42:49 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2013.06.19 02:42:48 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2013.06.19 02:42:48 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2013.06.19 02:42:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2013.06.19 02:42:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2013.06.19 02:42:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2013.06.19 02:42:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2013.06.19 02:42:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2013.06.19 02:42:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2013.06.19 02:42:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2013.06.19 02:42:44 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2013.06.19 02:42:44 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2013.06.19 02:42:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2013.06.19 02:42:39 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2013.06.19 02:42:38 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2013.06.19 02:42:38 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2013.06.19 02:42:38 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2013.06.19 02:42:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2013.06.19 02:42:38 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2013.06.19 02:42:36 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2013.06.19 02:42:36 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2013.06.19 02:42:27 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2013.06.19 02:42:27 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2013.06.19 02:42:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2013.06.19 02:42:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2013.06.19 02:42:26 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2013.06.19 02:42:26 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2013.06.19 02:42:26 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2013.06.19 02:42:26 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2013.06.19 02:42:26 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2013.06.19 02:42:26 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2013.06.19 02:42:26 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2013.06.19 02:42:26 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2013.06.19 02:42:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2013.06.19 02:42:25 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2013.06.19 02:42:25 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2013.06.19 02:42:25 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2013.06.19 02:42:25 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2013.06.19 02:42:25 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2013.06.19 02:42:25 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2013.06.19 02:42:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2013.06.19 02:42:24 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2013.06.19 02:42:24 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2013.06.19 02:42:24 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2013.06.19 02:42:24 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2013.06.19 02:42:24 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2013.06.19 02:42:24 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2013.06.19 02:42:24 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2013.06.19 02:42:24 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2013.06.19 02:42:24 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2013.06.19 02:42:23 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2013.06.19 02:42:23 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2013.06.19 02:42:23 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2013.06.19 02:42:23 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2013.06.19 02:42:22 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2013.06.19 02:42:22 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2013.06.19 02:42:22 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2013.06.19 02:42:22 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2013.06.19 02:42:22 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2013.06.19 02:42:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2013.06.19 02:42:21 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2013.06.19 02:42:21 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2013.06.19 02:41:00 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2013.06.19 02:39:35 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\DRM
[2013.06.19 02:38:20 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2013.06.19 02:38:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2013.06.19 02:38:20 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2013.06.19 02:38:20 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2013.06.19 02:38:20 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2013.06.19 02:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2013.06.19 02:38:13 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2013.06.19 02:38:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2013.06.19 02:38:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2013.06.19 02:38:12 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2013.06.19 02:38:12 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2013.06.19 02:38:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2013.06.19 02:38:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2013.06.19 02:38:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2013.06.19 02:38:10 | 000,727,614 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2013.06.19 02:38:10 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2013.06.19 02:38:09 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2013.06.19 02:38:08 | 000,329,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2013.06.19 02:38:08 | 000,210,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2013.06.19 02:38:08 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2013.06.19 02:38:08 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2013.06.19 02:38:08 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2013.06.19 02:38:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2013.06.19 02:38:07 | 001,135,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2013.06.19 02:38:07 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2013.06.19 02:38:07 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2013.06.19 02:38:07 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2013.06.19 02:38:07 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2013.06.19 02:38:07 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2013.06.19 02:38:07 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2013.06.19 02:38:07 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2013.06.19 02:38:07 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2013.06.19 02:38:07 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2013.06.19 02:38:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2013.06.19 02:38:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2013.06.19 02:38:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2013.06.19 02:38:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2013.06.19 02:37:54 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2013.06.19 02:37:54 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2013.06.19 02:37:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2013.06.19 02:37:54 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2013.06.19 02:37:54 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2013.06.19 02:37:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2013.06.19 02:37:53 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2013.06.19 02:37:50 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2013.06.19 02:37:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2013.06.19 02:37:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2013.06.19 02:37:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2013.06.19 02:37:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2013.06.19 02:37:49 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2013.06.19 02:37:49 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2013.06.19 02:37:48 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2013.06.19 02:37:48 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2013.06.19 02:37:48 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2013.06.19 02:37:47 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2013.06.19 02:37:47 | 000,385,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2013.06.19 02:37:47 | 000,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2013.06.19 02:37:47 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2013.06.19 02:37:47 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2013.06.19 02:37:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2013.06.19 02:37:46 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2013.06.19 02:37:46 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2013.06.19 02:37:46 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2013.06.19 02:37:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2013.06.19 02:37:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2013.06.19 02:37:46 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2013.06.19 02:37:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2013.06.19 02:37:46 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2013.06.19 02:37:46 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2013.06.19 02:37:46 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2013.06.19 02:37:46 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2013.06.19 02:37:45 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2013.06.19 02:37:45 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2013.06.19 02:37:45 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2013.06.19 02:37:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2013.06.19 02:37:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2013.06.19 02:37:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2013.06.19 02:37:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2013.06.19 02:37:45 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2013.06.19 02:37:45 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2013.06.19 02:37:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2013.06.19 02:37:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2013.06.19 02:37:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2013.06.19 02:37:44 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2013.06.19 02:37:44 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2013.06.19 02:37:44 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2013.06.19 02:37:44 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2013.06.19 02:37:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2013.06.19 02:37:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2013.06.19 02:37:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2013.06.19 02:37:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2013.06.19 02:37:44 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2013.06.19 02:37:44 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2013.06.19 02:37:44 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2013.06.19 02:37:44 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2013.06.19 02:37:30 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Bilder
[2013.06.19 02:36:51 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Spiele
[2013.06.19 02:36:17 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Verwaltung
[2013.06.19 02:36:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Musik
[2013.06.19 02:35:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2013.06.19 02:35:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2013.06.19 02:35:42 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2013.06.19 02:35:42 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2013.06.19 02:35:42 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2013.06.19 02:35:41 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2013.06.19 02:35:41 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2013.06.19 02:35:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2013.06.19 02:35:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2013.06.19 02:35:41 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2013.06.19 02:35:41 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2013.06.19 02:35:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2013.06.19 02:35:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2013.06.19 02:35:34 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2013.06.19 02:35:34 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2013.06.19 02:35:34 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2013.06.19 02:35:34 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2013.06.19 02:35:34 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2013.06.19 02:35:34 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2013.06.19 02:35:33 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2013.06.19 02:35:33 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2013.06.19 02:35:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2013.06.19 02:35:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2013.06.19 02:35:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2013.06.19 02:35:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2013.06.19 02:35:32 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2013.06.19 02:35:32 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2013.06.19 02:35:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2013.06.19 02:35:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2013.06.19 02:35:32 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2013.06.19 02:35:32 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2013.06.19 02:35:32 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2013.06.19 02:35:32 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2013.06.19 02:35:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2013.06.19 02:35:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2013.06.19 02:35:32 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2013.06.19 02:35:32 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2013.06.19 02:35:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2013.06.19 02:35:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2013.06.19 02:35:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2013.06.19 02:35:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2013.06.19 02:35:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2013.06.19 02:35:30 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2013.06.19 02:35:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2013.06.19 02:35:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2013.06.19 02:35:27 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2013.06.19 02:35:27 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2013.06.19 02:35:27 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2013.06.19 02:35:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2013.06.19 02:35:27 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2013.06.19 02:35:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2013.06.19 02:35:26 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2013.06.19 02:35:26 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2013.06.19 02:35:26 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2013.06.19 02:35:26 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2013.06.19 02:35:26 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2013.06.19 02:35:26 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2013.06.19 02:35:26 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2013.06.19 02:35:26 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2013.06.19 02:35:25 | 000,356,352 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2013.06.19 02:35:25 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2013.06.19 02:35:25 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2013.06.19 02:35:25 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2013.06.19 02:35:25 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2013.06.19 02:35:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2013.06.19 02:35:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2013.06.19 02:35:25 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2013.06.19 02:35:25 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2013.06.19 02:35:24 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2013.06.19 02:35:24 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2013.06.19 02:35:24 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2013.06.19 02:35:24 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2013.06.19 02:35:24 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2013.06.19 02:35:24 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2013.06.19 02:35:23 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2013.06.19 02:35:23 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll
[2013.06.19 02:35:23 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2013.06.19 02:35:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll
[2013.06.19 02:35:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2013.06.19 02:35:23 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2013.06.19 02:35:23 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2013.06.19 02:35:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2013.06.19 02:35:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll
[2013.06.19 02:35:23 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2013.06.19 02:35:23 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2013.06.19 02:35:22 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2013.06.19 02:35:22 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2013.06.19 02:35:22 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2013.06.19 02:35:22 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2013.06.19 02:35:22 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2013.06.19 02:35:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2013.06.19 02:35:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2013.06.19 02:35:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2013.06.19 02:35:22 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2013.06.19 02:35:22 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2013.06.19 02:35:21 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2013.06.19 02:35:21 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2013.06.19 02:35:21 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2013.06.19 02:35:21 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2013.06.19 02:35:21 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2013.06.19 02:35:21 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2013.06.19 02:35:21 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2013.06.19 02:35:21 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2013.06.19 02:35:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2013.06.19 02:35:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2013.06.19 02:35:21 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2013.06.19 02:35:21 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2013.06.19 02:35:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2013.06.19 02:35:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2013.06.19 02:35:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2013.06.19 02:35:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2013.06.19 02:35:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2013.06.19 02:35:20 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2013.06.19 02:35:20 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2013.06.19 02:35:20 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2013.06.19 02:35:20 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2013.06.19 02:35:20 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2013.06.19 02:35:20 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2013.06.19 02:35:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2013.06.19 02:35:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2013.06.19 02:35:19 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2013.06.19 02:35:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2013.06.19 02:35:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2013.06.19 02:35:19 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2013.06.19 02:35:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2013.06.19 02:35:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2013.06.19 02:35:19 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2013.06.19 02:35:19 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2013.06.19 02:35:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2013.06.19 02:35:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2013.06.19 02:35:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2013.06.19 02:35:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2013.06.19 02:35:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2013.06.19 02:35:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2013.06.19 02:35:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2013.06.19 02:35:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2013.06.19 02:35:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2013.06.19 02:35:18 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2013.06.19 02:35:18 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2013.06.19 02:35:18 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2013.06.19 02:35:18 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2013.06.19 02:35:18 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2013.06.19 02:35:18 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2013.06.19 02:35:18 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2013.06.19 02:35:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2013.06.19 02:35:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2013.06.19 02:35:17 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2013.06.19 02:35:17 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2013.06.19 02:35:17 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2013.06.19 02:35:15 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2013.06.19 02:35:15 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2013.06.19 02:35:15 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2013.06.19 02:35:15 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2013.06.19 02:35:15 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2013.06.19 02:35:15 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2013.06.19 02:35:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2013.06.19 02:35:14 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2013.06.19 02:35:14 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2013.06.19 02:35:14 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2013.06.19 02:35:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2013.06.19 02:35:14 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2013.06.19 02:35:14 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2013.06.19 02:35:14 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2013.06.19 02:35:14 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2013.06.19 02:35:14 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2013.06.19 02:35:14 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2013.06.19 02:35:14 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2013.06.19 02:35:14 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2013.06.19 02:35:14 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2013.06.19 02:35:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2013.06.19 02:35:14 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2013.06.19 02:35:14 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2013.06.19 02:35:13 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2013.06.19 02:35:13 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2013.06.19 02:35:13 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2013.06.19 02:35:13 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2013.06.19 02:35:13 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2013.06.19 02:35:13 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2013.06.19 02:35:13 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2013.06.19 02:35:13 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2013.06.19 02:35:13 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2013.06.19 02:35:13 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2013.06.19 02:35:13 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2013.06.19 02:35:13 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
thomas frank mas
2013-07-09, 01:06
[2013.06.19 02:35:12 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2013.06.19 02:35:12 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2013.06.19 02:35:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2013.06.19 02:35:11 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2013.06.19 02:35:11 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2013.06.19 02:35:11 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2013.06.19 02:35:11 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2013.06.19 02:35:11 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2013.06.19 02:35:11 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2013.06.19 02:35:11 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2013.06.19 02:35:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2013.06.19 02:35:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2013.06.19 02:35:01 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Videos
[2013.06.19 02:32:21 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Zubehör
[2013.06.18 23:52:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013.06.18 23:41:40 | 000,000,000 | ---D | C] -- C:\Programme\Messenger
[2013.06.18 18:57:09 | 000,000,000 | ---D | C] -- C:\$WIN_NT$.~BT
[2013.06.18 18:57:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2013.06.18 18:56:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2013.06.12 14:12:23 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013.06.11 15:59:37 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2013.06.11 15:58:51 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
========== Files - Modified Within 30 Days ==========
[2013.07.09 00:01:22 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.07.09 00:00:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.07.08 23:50:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.07.08 18:58:22 | 000,000,670 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013.07.07 22:35:26 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.07.07 20:37:05 | 000,000,355 | RHS- | M] () -- C:\boot.ini
[2013.07.07 14:15:30 | 000,000,245 | ---- | M] () -- C:\Boot.bak
[2013.07.05 15:07:50 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.03 00:31:34 | 000,000,644 | ---- | M] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013.07.01 17:02:01 | 000,000,474 | ---- | M] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2013.06.29 20:15:26 | 000,001,515 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\iTunes.lnk
[2013.06.29 18:42:36 | 000,001,999 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Spybot-S&D Start Center.lnk
[2013.06.28 21:14:21 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Final Media Player Update Checker.job
[2013.06.28 15:42:47 | 000,000,276 | ---- | M] () -- C:\WINDOWS\System\cmicnfg.ini
[2013.06.28 14:57:00 | 000,001,550 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\GammaTray.lnk
[2013.06.28 02:07:49 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013.06.28 02:07:49 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013.06.28 02:07:34 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013.06.27 20:25:28 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Google Earth.lnk
[2013.06.27 19:30:04 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013.06.27 19:30:04 | 000,007,611 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013.06.27 19:30:04 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013.06.25 18:35:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.06.25 18:35:15 | 000,549,843 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Cat.DB
[2013.06.25 17:55:32 | 000,520,626 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.06.25 17:55:32 | 000,475,764 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.06.25 17:55:32 | 000,101,770 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.06.25 17:55:32 | 000,076,798 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.06.25 15:45:12 | 000,192,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.06.25 15:12:55 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Windows Search.lnk
[2013.06.25 15:10:47 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.06.25 15:10:47 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.06.25 15:08:22 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013.06.24 14:58:08 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Adobe Reader XI.lnk
[2013.06.24 14:47:54 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job
[2013.06.24 14:47:53 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\ProgramRefresh-ATFST.job
[2013.06.24 13:54:43 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys
[2013.06.24 13:54:43 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2013.06.22 22:46:21 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.06.22 22:45:57 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.22 22:45:57 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.22 22:15:58 | 000,000,906 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DVDVideoSoft Free Studio.lnk
[2013.06.22 21:32:17 | 000,000,757 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DivX Plus Player.lnk
[2013.06.22 21:31:23 | 000,000,797 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DivX Plus Converter.lnk
[2013.06.22 21:23:21 | 000,000,000 | ---- | M] () -- C:\END
[2013.06.22 21:08:31 | 000,000,666 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Cyberduck.lnk
[2013.06.22 03:27:11 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.06.22 03:27:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.06.22 02:56:17 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.06.22 02:56:15 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.06.22 02:56:15 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.06.22 02:56:15 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.06.22 02:56:15 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.06.22 02:56:15 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.06.22 02:56:15 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.06.22 02:27:21 | 000,000,400 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2013.06.20 01:25:39 | 000,000,012 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2013.06.19 12:34:35 | 000,001,711 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.06.19 12:34:35 | 000,001,707 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp Utilities 2012.lnk
[2013.06.19 12:14:19 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2013.06.19 12:01:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013.06.19 02:48:42 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2013.06.19 02:47:09 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2013.06.19 02:45:34 | 000,000,438 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.06.19 02:41:36 | 000,002,951 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.06.19 02:41:25 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013.06.19 02:41:00 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013.06.19 02:36:48 | 000,021,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.06.10 19:41:56 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\isolate.ini
========== Files Created - No Company Name ==========
[2013.07.07 20:36:59 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2013.07.07 20:26:49 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.07.07 20:26:49 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.07.07 20:26:49 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.07.07 20:26:49 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.07.07 20:26:49 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.07.07 13:35:35 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Remoteunterstützung.lnk
[2013.07.07 13:35:35 | 000,000,772 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Windows Media Player.lnk
[2013.07.05 15:07:50 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2013.06.29 20:15:26 | 000,001,515 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\iTunes.lnk
[2013.06.29 18:43:24 | 000,000,474 | ---- | C] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2013.06.29 18:43:22 | 000,000,644 | ---- | C] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013.06.29 18:43:20 | 000,000,670 | ---- | C] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013.06.29 18:42:37 | 000,002,005 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Spybot-S&D Start Center.lnk
[2013.06.29 18:42:35 | 000,001,999 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Spybot-S&D Start Center.lnk
[2013.06.28 14:56:58 | 000,001,550 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\GammaTray.lnk
[2013.06.28 00:08:12 | 000,000,276 | ---- | C] () -- C:\WINDOWS\System\cmicnfg.ini
[2013.06.27 20:25:27 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Google Earth.lnk
[2013.06.25 17:34:53 | 000,015,449 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2013.06.25 15:12:54 | 000,001,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Search.lnk
[2013.06.25 15:12:54 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Windows Search.lnk
[2013.06.24 13:54:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2013.06.23 12:23:13 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\ProgramRefresh-ATFST.job
[2013.06.23 12:23:12 | 000,000,374 | ---- | C] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job
[2013.06.23 12:22:40 | 000,000,366 | ---- | C] () -- C:\WINDOWS\tasks\Final Media Player Update Checker.job
[2013.06.22 22:15:58 | 000,000,906 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DVDVideoSoft Free Studio.lnk
[2013.06.22 21:32:17 | 000,000,757 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DivX Plus Player.lnk
[2013.06.22 21:31:23 | 000,000,797 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DivX Plus Converter.lnk
[2013.06.22 21:23:21 | 000,000,000 | ---- | C] () -- C:\END
[2013.06.22 21:08:31 | 000,000,666 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Cyberduck.lnk
[2013.06.22 04:31:36 | 000,000,438 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.06.22 03:34:46 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2013.06.22 03:34:43 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013.06.22 03:34:36 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.06.22 03:34:15 | 000,001,806 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013.06.22 03:33:57 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013.06.22 03:33:57 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2013.06.22 03:33:57 | 000,105,926 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2013.06.22 03:33:57 | 000,041,270 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013.06.22 03:33:57 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2013.06.22 03:33:57 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2013.06.22 03:33:57 | 000,021,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2013.06.22 03:33:57 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2013.06.22 03:33:57 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2013.06.22 03:33:57 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013.06.22 03:33:57 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2013.06.22 03:33:57 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2013.06.22 03:33:57 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013.06.22 03:33:57 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013.06.22 03:33:57 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2013.06.22 03:33:56 | 002,039,179 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2013.06.22 03:33:56 | 001,246,537 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2013.06.22 03:33:56 | 000,817,199 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013.06.22 03:33:56 | 000,631,338 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2013.06.22 03:32:58 | 000,192,976 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.06.22 03:27:16 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.22 02:27:21 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013.06.20 23:12:19 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.20 23:12:19 | 000,001,080 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.20 23:11:03 | 000,002,347 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Adobe Reader XI.lnk
[2013.06.20 23:11:03 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Adobe Reader XI.lnk
[2013.06.20 16:00:58 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.06.20 16:00:56 | 000,001,830 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Apple Software Update.lnk
[2013.06.20 14:57:18 | 000,007,611 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013.06.20 14:57:18 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013.06.20 14:56:11 | 000,014,818 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymVTcer.dat
[2013.06.20 14:56:11 | 000,009,670 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymELAM.cat
[2013.06.20 14:56:11 | 000,008,067 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymNet.cat
[2013.06.20 14:56:11 | 000,008,059 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymDS.cat
[2013.06.20 14:56:11 | 000,008,059 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.cat
[2013.06.20 14:56:11 | 000,007,877 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symnetv.cat
[2013.06.20 14:56:11 | 000,007,667 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\ccsetx86.cat
[2013.06.20 14:56:11 | 000,007,593 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\iron.cat
[2013.06.20 14:56:11 | 000,007,583 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymEFA.cat
[2013.06.20 14:56:11 | 000,007,581 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtspx.cat
[2013.06.20 14:56:11 | 000,003,434 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymEFA.inf
[2013.06.20 14:56:11 | 000,002,852 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymDS.inf
[2013.06.20 14:56:11 | 000,001,468 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymNetV.inf
[2013.06.20 14:56:11 | 000,001,440 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymNet.inf
[2013.06.20 14:56:11 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtspx.inf
[2013.06.20 14:56:11 | 000,001,388 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.inf
[2013.06.20 14:56:11 | 000,000,996 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symELAM.inf
[2013.06.20 14:56:11 | 000,000,827 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\ccSetx86.inf
[2013.06.20 14:56:11 | 000,000,737 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Iron.inf
[2013.06.20 14:56:11 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\isolate.ini
[2013.06.19 22:09:10 | 000,014,818 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\VT20130115.021
[2013.06.19 21:04:02 | 000,549,843 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Cat.DB
[2013.06.19 18:26:05 | 000,000,012 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2013.06.19 12:34:35 | 000,001,711 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.06.19 12:34:35 | 000,001,707 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp Utilities 2012.lnk
[2013.06.19 12:34:34 | 000,001,713 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\TuneUp Utilities 2012.lnk
[2013.06.19 12:14:19 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2013.06.19 12:01:49 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013.06.19 12:01:48 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013.06.19 12:01:48 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013.06.19 12:01:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013.06.19 12:01:02 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013.06.19 03:08:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.06.19 03:08:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013.06.19 02:47:09 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2013.06.19 02:45:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.06.19 02:44:31 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013.06.19 02:43:56 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013.06.19 02:43:46 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013.06.19 02:43:46 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013.06.19 02:43:44 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013.06.19 02:43:34 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013.06.19 02:43:30 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013.06.19 02:43:24 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2013.06.19 02:43:02 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013.06.19 02:41:36 | 000,002,951 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.06.19 02:41:24 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.06.19 02:41:24 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.06.19 02:41:23 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013.06.19 02:38:54 | 000,000,758 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Movie Maker.lnk
[2013.06.19 02:38:33 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013.06.19 02:38:19 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013.06.19 02:38:19 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013.06.19 02:38:13 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013.06.19 02:37:48 | 000,380,416 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2013.06.19 02:36:51 | 000,000,621 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Messenger.lnk
[2013.06.19 02:36:48 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.06.19 02:36:00 | 000,002,004 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\MSN.lnk
[2013.06.19 02:35:36 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe-Stuck.bmp
[2013.06.19 02:35:36 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Fächer.bmp
[2013.06.19 02:35:36 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2013.06.19 02:35:36 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotek.bmp
[2013.06.19 02:35:35 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Seifenblase.bmp
[2013.06.19 02:35:35 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Präriewind.bmp
[2013.06.19 02:35:35 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Granit.bmp
[2013.06.19 02:35:35 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Angler.bmp
[2013.06.19 02:35:35 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kaffeetasse.bmp
[2013.06.19 02:35:35 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Feder.bmp
[2013.06.19 02:35:35 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blaue Spitzen 16.bmp
[2013.06.19 02:35:32 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2013.06.19 02:35:32 | 000,001,237 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013.06.19 02:35:31 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2013.06.19 02:35:25 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2013.06.18 18:58:24 | 000,000,245 | ---- | C] () -- C:\Boot.bak
[2013.06.18 18:58:22 | 000,476,395 | R--- | C] () -- C:\txtsetup.sif
[2013.06.18 18:58:22 | 000,262,464 | R--- | C] () -- C:\$LDR$
========== ZeroAccess Check ==========
[2013.06.25 15:16:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.04.26 03:59:04 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
Looks like it fixed it this time, lets see what AdwCleaner comes up with
thomas frank mas
2013-07-09, 01:27
# AdwCleaner v2.304 - Datei am 09/07/2013 um 01:19:40 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Tom - FRANK-B
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\AdwCleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\END
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\APN
Ordner Gelöscht : C:\Programme\Conduit
Ordner Gelöscht : C:\Programme\Freecorder extension
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Freecorder extension
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1917AB4C-E2E9-42AE-A51E-B5750F160BFB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6C65F1F0-8088-414B-828C-813207ADE75A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4341726-E922-47BB-86A6-23F4F4F67342}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\InstallIQ
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Freecorder extension
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder extension
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.
*************************
AdwCleaner[S1].txt - [5050 octets] - [09/07/2013 01:19:40]
########## EOF - C:\AdwCleaner[S1].txt - [5110 octets] ##########
Great, run a new scan with Spybot and post the log and lets see if those entries are gone
How are things running now, logs are looking good
thomas frank mas
2013-07-09, 03:16
As far I can see you have excellent work done. No delays and high performance.
I thank you very much.
Tom
# AdwCleaner v2.304 - Datei am 09/07/2013 um 01:19:40 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Tom - FRANK-B
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\AdwCleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\END
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\APN
Ordner Gelöscht : C:\Programme\Conduit
Ordner Gelöscht : C:\Programme\Freecorder extension
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Freecorder extension
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1917AB4C-E2E9-42AE-A51E-B5750F160BFB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6C65F1F0-8088-414B-828C-813207ADE75A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4341726-E922-47BB-86A6-23F4F4F67342}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\InstallIQ
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Freecorder extension
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\
063A857434EDED11A893800002C0A966
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder extension
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.
*************************
AdwCleaner[S1].txt - [5050 octets] - [09/07/2013 01:19:40]
########## EOF - C:\AdwCleaner[S1].txt - [5110 octets] ##########
:bigthumb:
I was asking for a new Spybot scan to see if both those entries are gone, not another AdwCleaner log
thomas frank mas
2013-07-09, 13:22
Sorry! I had, as you can see a scan made. must be a mistake.
Search results from Spybot - Search & Destroy
09.07.2013 03:09:06
Scan took 01:05:17.
36 items found.
Toolbar.Snap.do: [SBI $946FBA81] User settings (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1004\Software\Microsoft\Internet Explorer\Main\Search Page
Toolbar.Snap.do: [SBI $AFDBE44E] User settings (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1004\Software\Microsoft\Internet Explorer\Main\Start Page
Right Media: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): Tom) (Browser: Cookie, nothing done)
Common Dialogs: [SBI $8E73A7FB] History (30 files) (Registry Key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU
Internet Explorer: [SBI $FF589D0C] Download directory (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Internet Explorer\Download Directory
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Microsoft Management Console\Recent File List
MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-500\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\DirectInput\MostRecentApplication\Name
MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\DirectInput\MostRecentApplication\Id
MS Office 11.0 (Word): [SBI $15AC27CE] Recent file list (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Office\11.0\Word\Data\Settings
MS Search Assistant: [SBI $AE0C4647] Typed search terms history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Search Assistant\ACMru
MS Search Assistant: [SBI $AE0C4647] Typed search terms history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-500\Software\Microsoft\Search Assistant\ACMru
Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count
Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count
Windows Explorer: [SBI $B7EBA926] Last visited history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Cookie: [SBI $49804B54] Browser: Cookie (119) (Browser: Cookie, nothing done)
Cache: [SBI $49804B54] Browser: Cache (424) (Browser: Cache, nothing done)
Verlauf: [SBI $49804B54] Browser: History (408) (Browser: History, nothing done)
Cookie: [SBI $49804B54] Browser: Cookie (2) (Browser: Cookie, nothing done)
Cookie: [SBI $49804B54] Browser: Cookie (21) (Browser: Cookie, nothing done)
Cache: [SBI $49804B54] Browser: Cache (46) (Browser: Cache, nothing done)
Verlauf: [SBI $49804B54] Browser: History (35) (Browser: History, nothing done)
--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---
2013-05-16 blindman.exe (2.1.18.151)
2013-05-16 explorer.exe (2.1.18.177)
2013-05-16 SDBootCD.exe (2.1.18.109)
2013-05-16 SDCleaner.exe (2.1.18.110)
2013-05-16 SDDelFile.exe (2.1.18.94)
2013-06-18 SDDisableProxy.exe
2013-05-16 SDFiles.exe (2.1.18.135)
2013-03-20 SDFileScanHelper.exe (2.1.16.1)
2013-05-16 SDFSSvc.exe (2.1.18.208)
2013-05-16 SDHookHelper.exe (2.1.18.2)
2013-05-16 SDHookInst32.exe (2.1.18.2)
2013-05-16 SDImmunize.exe (2.1.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-05-16 SDOnAccess.exe (2.1.18.4)
2013-05-16 SDPESetup.exe (2.1.18.3)
2013-05-16 SDPEStart.exe (2.1.18.86)
2013-05-16 SDPhoneScan.exe (2.1.18.28)
2013-05-16 SDPRE.exe (2.1.18.22)
2013-05-16 SDPrepPos.exe (2.1.18.10)
2013-05-16 SDQuarantine.exe (2.1.18.103)
2013-05-16 SDRootAlyzer.exe (2.1.18.116)
2013-05-16 SDSBIEdit.exe (2.1.18.39)
2013-05-16 SDScan.exe (2.1.18.177)
2013-05-16 SDScript.exe (2.1.18.53)
2013-05-16 SDSettings.exe (2.1.18.136)
2013-05-16 SDShell.exe (2.1.18.2)
2013-05-16 SDShred.exe (2.1.18.107)
2013-05-16 SDSysRepair.exe (2.1.18.101)
2013-05-16 SDTools.exe (2.1.18.150)
2013-05-16 SDTray.exe (2.1.18.127)
2013-05-16 SDUpdate.exe (2.1.18.91)
2013-05-16 SDUpdSvc.exe (2.1.18.76)
2013-05-16 SDWelcome.exe (2.1.18.129)
2013-05-15 SDWSCSvc.exe (2.1.18.2)
2013-06-29 spybotsd2-installer.exe (2.1.20.0)
2013-06-19 spybotsd2-translation-frx.exe
2013-06-29 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-05-16 SDFileScanLibrary.dll (2.1.18.12)
2013-05-16 SDHook32.dll (2.1.18.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2012-12-18 Includes\Adware.sbi (*)
2013-07-03 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2013-06-25 Includes\Keyloggers.sbi (*)
2012-12-18 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-06-25 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-07-04 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-06-19 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-07-03 Includes\TrojansC-03.sbi (*)
2013-03-14 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-04-19 Includes\TrojansC.sbi (*)
It looks like there is just some leftover Snap Do.
When ever you download and install any programs READ READ READ what your installing, if you just keep clicking on next and not reading through the prompts sometimes you will install third party software without realizing it.
Open Internet Explorer and go to Tools > Manage Add Ons and go to Toolbars and Extensions and if you see Snap Do in there disable it. Then go to Search Providers and if Snap Do is present highlight it and remove it.
Then close out IE
You will need to download the 32 bit version of this program
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1 (http://jpshortstuff.247fixes.com/SystemLook.exe)
Download Mirror #2 (http://images.malwareremoval.com/jpshortstuff/SystemLook.exe)
64 Bit Version (http://jpshortstuff.247Fixes.com/SystemLook_x64.exe)
Double-click SystemLook.exe to run it.
Copy the content of the following codebox into the main textfield:
:folderfind
Snap.do
:filefind
Snap.do
:regfind
Snap.do
Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
thomas frank mas
2013-07-09, 16:48
SystemLook 30.07.11 by jpshortstuff
Log created at 15:13 on 09/07/2013 by Tom
Administrator - Elevation successful
========== folderfind ==========
To download System Look was not easy at all, bacause this Pge wanted me to download several other programms. The download button was hidden!
I could not find any snap.do in the IE Tools.
Searching for "Snap.do"
No folders found.
========== filefind ==========
Searching for "Snap.do"
No files found.
========== regfind ==========
Searching for "Snap.do"
No data found.
-= EOF =-
Great, looks like your ready to go, any other issues ?
thomas frank mas
2013-07-09, 17:43
No, I thank you realy very much. Everything goes fine.
Thankful
Tom
Wonderful :)
We need to update your Java to keep you more secure
Go to your Control Panel and click on the Java Icon ( looks like a little coffee cup ) click on About and you should have Version 7 Update 25, if not proceed with the instructions.
Go to the update Tab and update it
Important, during the upgrade UNCHECK ASK TOOL BAR. ( you do not need or want this )
Then go to your Add Remove Programs (WIN XP) or Programs and Features (Vista / Win 7) in the Control Panel and uninstall all previous versions.
You can verify the installation Here (http://www.java.com/en/download/help/testvm.xml)
Click START then RUN
Now type Combofix /uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.
http://i526.photobucket.com/albums/cc345/MPKwings/CF-Uninstall.png
Open OTL and click on Clean Up and it will remove programs we used to clean your system along with there backups, any programs that where not removed you can just drag to the trash.
Malwarebytes is the free version and yours to keep and will not be removed
How did I get infected in the first place ?
Read these links and find out how to prevent getting infected again.
Tutorial for System Restore (http://www.bleepingcomputer.com/tutorials/tutorial56.html) <-- Do this first to prevent yourself from being reinfected.
WhattheTech (http://forums.whatthetech.com/index.php?showtopic=57817)
Grinler BleepingComputer (http://www.bleepingcomputer.com/forums/topic2520.html)
GeeksTo Go (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)
Dslreports (http://www.dslreports.com/faq/10002)
Safe Surfn
Ken