Win32.Downloader found?

thomas frank mas · Jul 7, 2013

fifth reply of five

[2013.06.22 21:08:31 | 000,000,666 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Cyberduck.lnk
[2013.06.22 03:27:11 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.06.22 03:27:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.06.22 02:56:17 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.06.22 02:56:15 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.06.22 02:56:15 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.06.22 02:56:15 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.06.22 02:56:15 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.06.22 02:56:15 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.06.22 02:56:15 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.06.22 02:27:21 | 000,000,400 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2013.06.20 15:46:41 | 000,000,796 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\NVIDIA Controlpanel.lnk
[2013.06.20 12:25:48 | 000,000,586 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\XnView.lnk
[2013.06.20 01:29:32 | 000,001,210 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\xvideo.lnk
[2013.06.20 01:29:11 | 000,001,205 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\zspez.lnk
[2013.06.20 01:28:54 | 000,001,202 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\xppt.lnk
[2013.06.20 01:25:39 | 000,000,012 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2013.06.19 12:34:35 | 000,001,711 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.06.19 12:34:35 | 000,001,707 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp Utilities 2012.lnk
[2013.06.19 12:14:19 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2013.06.19 12:01:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013.06.19 03:22:25 | 000,000,709 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\PC Wizard.lnk
[2013.06.19 03:16:18 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Arbeitsplatz.lnk
[2013.06.19 03:15:59 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\OE.lnk
[2013.06.19 02:48:42 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2013.06.19 02:47:09 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2013.06.19 02:45:34 | 000,000,438 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.06.19 02:41:36 | 000,002,951 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.06.19 02:41:25 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013.06.19 02:41:00 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013.06.19 02:36:48 | 000,021,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.06.10 19:41:56 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\isolate.ini

========== Files Created - No Company Name ==========

[2013.07.07 20:36:59 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2013.07.07 20:26:49 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.07.07 20:26:49 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.07.07 20:26:49 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.07.07 20:26:49 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.07.07 20:26:49 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.07.05 15:07:50 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.04 13:08:03 | 000,000,572 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\ERUNT.lnk
[2013.06.29 20:15:26 | 000,001,515 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\iTunes.lnk
[2013.06.29 18:43:24 | 000,000,474 | ---- | C] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2013.06.29 18:43:22 | 000,000,644 | ---- | C] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013.06.29 18:43:20 | 000,000,670 | ---- | C] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013.06.29 18:42:37 | 000,002,005 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Spybot-S&D Start Center.lnk
[2013.06.29 18:42:35 | 000,001,999 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Spybot-S&D Start Center.lnk
[2013.06.28 15:13:18 | 000,000,704 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\WizardInitConfig.cfg
[2013.06.28 14:56:58 | 000,001,550 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\GammaTray.lnk
[2013.06.28 00:18:45 | 000,000,796 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Temporary Internet Files.lnk
[2013.06.28 00:08:12 | 000,000,276 | ---- | C] () -- C:\WINDOWS\System\cmicnfg.ini
[2013.06.27 20:25:27 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Google Earth.lnk
[2013.06.25 19:15:17 | 000,000,762 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Windows Media Player.lnk
[2013.06.25 17:34:53 | 000,015,449 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2013.06.25 15:12:54 | 000,001,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Search.lnk
[2013.06.25 15:12:54 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Windows Search.lnk
[2013.06.25 14:30:44 | 000,002,651 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Outlook 2003.lnk
[2013.06.24 13:54:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2013.06.24 13:08:31 | 000,000,956 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Netzwerkumgebung.lnk
[2013.06.23 12:23:13 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\ProgramRefresh-ATFST.job
[2013.06.23 12:23:12 | 000,000,374 | ---- | C] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job
[2013.06.23 12:22:40 | 000,000,366 | ---- | C] () -- C:\WINDOWS\tasks\Final Media Player Update Checker.job
[2013.06.23 12:22:28 | 000,001,640 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\FinalMediaPlayer.lnk
[2013.06.22 22:15:58 | 000,000,906 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DVDVideoSoft Free Studio.lnk
[2013.06.22 21:33:06 | 000,001,486 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\DivX Movies.lnk
[2013.06.22 21:32:17 | 000,000,757 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DivX Plus Player.lnk
[2013.06.22 21:31:23 | 000,000,797 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DivX Plus Converter.lnk
[2013.06.22 21:23:21 | 000,000,000 | ---- | C] () -- C:\END
[2013.06.22 21:08:31 | 000,000,666 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Cyberduck.lnk
[2013.06.22 04:31:36 | 000,000,438 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.06.22 03:34:46 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2013.06.22 03:34:43 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013.06.22 03:34:36 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.06.22 03:34:15 | 000,001,806 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013.06.22 03:33:57 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013.06.22 03:33:57 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2013.06.22 03:33:57 | 000,105,926 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2013.06.22 03:33:57 | 000,041,270 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013.06.22 03:33:57 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2013.06.22 03:33:57 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2013.06.22 03:33:57 | 000,021,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2013.06.22 03:33:57 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2013.06.22 03:33:57 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2013.06.22 03:33:57 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013.06.22 03:33:57 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2013.06.22 03:33:57 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2013.06.22 03:33:57 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013.06.22 03:33:57 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013.06.22 03:33:57 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2013.06.22 03:33:56 | 002,039,179 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2013.06.22 03:33:56 | 001,246,537 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2013.06.22 03:33:56 | 000,817,199 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013.06.22 03:33:56 | 000,631,338 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2013.06.22 03:32:58 | 000,192,976 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.06.22 03:27:16 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.22 02:27:21 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013.06.20 23:12:19 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.20 23:12:19 | 000,001,080 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.20 23:11:03 | 000,002,347 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Adobe Reader XI.lnk
[2013.06.20 23:11:03 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Adobe Reader XI.lnk
[2013.06.20 16:00:58 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.06.20 16:00:56 | 000,001,830 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Apple Software Update.lnk
[2013.06.20 15:46:41 | 000,000,796 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\NVIDIA Controlpanel.lnk
[2013.06.20 14:57:18 | 000,007,611 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013.06.20 14:57:18 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013.06.20 14:56:11 | 000,014,818 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymVTcer.dat
[2013.06.20 14:56:11 | 000,009,670 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymELAM.cat
[2013.06.20 14:56:11 | 000,008,067 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymNet.cat
[2013.06.20 14:56:11 | 000,008,059 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymDS.cat
[2013.06.20 14:56:11 | 000,008,059 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.cat
[2013.06.20 14:56:11 | 000,007,877 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symnetv.cat
[2013.06.20 14:56:11 | 000,007,667 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\ccsetx86.cat
[2013.06.20 14:56:11 | 000,007,593 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\iron.cat
[2013.06.20 14:56:11 | 000,007,583 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymEFA.cat
[2013.06.20 14:56:11 | 000,007,581 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtspx.cat
[2013.06.20 14:56:11 | 000,003,434 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymEFA.inf
[2013.06.20 14:56:11 | 000,002,852 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymDS.inf
[2013.06.20 14:56:11 | 000,001,468 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymNetV.inf
[2013.06.20 14:56:11 | 000,001,440 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymNet.inf
[2013.06.20 14:56:11 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtspx.inf
[2013.06.20 14:56:11 | 000,001,388 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.inf
[2013.06.20 14:56:11 | 000,000,996 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symELAM.inf
[2013.06.20 14:56:11 | 000,000,827 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\ccSetx86.inf
[2013.06.20 14:56:11 | 000,000,737 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Iron.inf
[2013.06.20 14:56:11 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\isolate.ini
[2013.06.20 12:25:48 | 000,000,586 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\XnView.lnk
[2013.06.20 01:27:19 | 000,001,202 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\xppt.lnk
[2013.06.20 01:27:15 | 000,001,205 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\zspez.lnk
[2013.06.20 01:27:10 | 000,001,210 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\xvideo.lnk
[2013.06.19 22:09:10 | 000,014,818 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\VT20130115.021
[2013.06.19 21:04:02 | 000,549,843 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Cat.DB
[2013.06.19 18:26:05 | 000,000,012 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2013.06.19 12:34:35 | 000,001,711 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.06.19 12:34:35 | 000,001,707 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp Utilities 2012.lnk
[2013.06.19 12:34:34 | 000,001,713 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\TuneUp Utilities 2012.lnk
[2013.06.19 12:14:19 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2013.06.19 12:01:49 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013.06.19 12:01:48 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013.06.19 12:01:48 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013.06.19 12:01:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013.06.19 12:01:02 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013.06.19 03:22:25 | 000,000,709 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\PC Wizard.lnk
[2013.06.19 03:16:18 | 000,000,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\Arbeitsplatz.lnk
[2013.06.19 03:15:59 | 000,000,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\OE.lnk
[2013.06.19 03:08:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.06.19 03:08:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013.06.19 02:56:16 | 000,000,718 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü\Programme\Outlook Express.lnk
[2013.06.19 02:56:00 | 000,000,783 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü\Programme\Internet Explorer.lnk
[2013.06.19 02:54:44 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü\Programme\Remoteunterstützung.lnk
[2013.06.19 02:54:44 | 000,000,768 | ---- | C] () -- C:\Dokumente und Einstellungen\Tom.FRANK-B\Startmenü\Programme\Windows Media Player.lnk
[2013.06.19 02:47:09 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2013.06.19 02:45:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.06.19 02:44:31 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013.06.19 02:43:56 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013.06.19 02:43:46 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013.06.19 02:43:46 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013.06.19 02:43:44 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013.06.19 02:43:34 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013.06.19 02:43:30 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013.06.19 02:43:24 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2013.06.19 02:43:02 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013.06.19 02:41:36 | 000,002,951 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.06.19 02:41:24 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.06.19 02:41:24 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.06.19 02:41:23 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013.06.19 02:38:54 | 000,000,758 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Movie Maker.lnk
[2013.06.19 02:38:33 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013.06.19 02:38:19 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013.06.19 02:38:19 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013.06.19 02:38:13 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013.06.19 02:37:48 | 000,380,416 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2013.06.19 02:36:51 | 000,000,621 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Messenger.lnk
[2013.06.19 02:36:48 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.06.19 02:36:00 | 000,002,004 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\MSN.lnk
[2013.06.19 02:35:36 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe-Stuck.bmp
[2013.06.19 02:35:36 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Fächer.bmp
[2013.06.19 02:35:36 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2013.06.19 02:35:36 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotek.bmp
[2013.06.19 02:35:35 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Seifenblase.bmp
[2013.06.19 02:35:35 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Präriewind.bmp
[2013.06.19 02:35:35 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Granit.bmp
[2013.06.19 02:35:35 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Angler.bmp
[2013.06.19 02:35:35 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kaffeetasse.bmp
[2013.06.19 02:35:35 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Feder.bmp
[2013.06.19 02:35:35 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blaue Spitzen 16.bmp
[2013.06.19 02:35:32 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2013.06.19 02:35:32 | 000,001,237 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013.06.19 02:35:31 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2013.06.19 02:35:25 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2013.06.18 18:58:24 | 000,000,245 | ---- | C] () -- C:\Boot.bak
[2013.06.18 18:58:22 | 000,476,395 | R--- | C] () -- C:\txtsetup.sif
[2013.06.18 18:58:22 | 000,262,464 | R--- | C] () -- C:\$LDR$

========== ZeroAccess Check ==========

[2013.06.25 15:16:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.04.26 03:59:04 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

ken545 · Jul 7, 2013

Open OTL.exe

Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

Code:

:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320
[2013.06.29 19:28:42 | 000,449,428 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130703-003131.backup


:Services

:Reg

:Files
ipconfig /flushdns /c


:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click the Run Fix button at the top. <--Not run Scan
Let the program run unhindered, reboot when it is done
Then post the results of the log it produces

Then run a new scan with OTL and post the log

Go here and download AdwCleaner to your desktop

Double click on AdwCleaner.exe to run the tool.
Click on Delete
A logfile will automatically open after the scan has finished.
Please post the content of that logfile in your reply.
You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

thomas frank mas · Jul 8, 2013

Hi Ken!
Sorry to answer so late. Was absent. OTL did not run realy. Stopped at "killing process. DO NOT INTERRUPT". As before i shut down the computer and replied. What to do?

ken545 · Jul 8, 2013

Did you run it in Safemode as we discussed earlier ?

thomas frank mas · Jul 8, 2013

No I did not. Shall I repeat all mesures in Safemode?

ken545 · Jul 8, 2013

Yes please do. But AdwCleaner should run just fine in normal windows

thomas frank mas · Jul 8, 2013

first reply

All processes killed
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
C:\WINDOWS\system32\drivers\etc\hosts.20130703-003131.backup moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: All Users.WINDOWS

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService.NT-AUTORITÄT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService.NT-AUTORITÄT.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService.NT-AUTORITÄT
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService.NT-AUTORITÄT.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33208 bytes

User: Tom
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Tom.FRANK-B
->Temp folder emptied: 2612 bytes
->Temporary Internet Files folder emptied: 8910704 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 492 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: UpdatusUser.FRANK-B
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17385 bytes
RecycleBin emptied: 340016 bytes

Total Files Cleaned = 9,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 07082013_235912

Files\Folders moved on Reboot...
C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WFNWBCS8\f_b[1].eot moved successfully.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WFNWBCS8\f_h[1].eot moved successfully.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WFNWBCS8\f_l[1].eot moved successfully.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WFNWBCS8\f_r[1].eot moved successfully.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Temporary Internet Files\Content.IE5\TIEEM0BF\upc_at[4].htm moved successfully.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Temporary Internet Files\Content.IE5\S0T55V22\showthread[2].htm moved successfully.
C:\Dokumente und Einstellungen\Tom.FRANK-B\Lokale Einstellungen\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

thomas frank mas · Jul 9, 2013

second reply first part

OTL logfile created on: 09.07.2013 00:29:43 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,64 Gb Available Physical Memory | 81,86% Memory free
3,85 Gb Paging File | 3,67 Gb Available in Paging File | 95,39% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 44,79 Gb Free Space | 60,11% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 43,15 Gb Free Space | 28,95% Space Free | Partition Type: NTFS

Computer Name: FRANK-B | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Programme\Safer Networking\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Programme\NVIDIA Corporation\nView\nvShell.dll ()

========== Services (SafeList) ==========

SRV - (SDWSCService) -- C:\Programme\Safer Networking\Spybot File not found
SRV - (SDUpdateService) -- C:\Programme\Safer Networking\Spybot File not found
SRV - (SDScannerService) -- C:\Programme\Safer Networking\Spybot File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (NIS) -- C:\Programme\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (Symantec Corporation)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (LBTServ) -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (Apple Mobile Device) -- c:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (IDSxpx86) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130706.002\IDSXpx86.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130708.002\NAVEX15.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130708.002\NAVENG.SYS (Symantec Corporation)
DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\SymEFA.sys (Symantec Corporation)
DRV - (SymDS) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\SymDS.sys (Symantec Corporation)
DRV - (BHDrvx86) -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130702.001\BHDrvx86.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\srtsp.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\symtdi.sys (Symantec Corporation)
DRV - (ccSet_NIS) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\ccSetx86.sys (Symantec Corporation)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\Ironx86.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\NIS\1404000.028\srtspx.sys (Symantec Corporation)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LUsbFilt) -- C:\WINDOWS\system32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LBeepKE) -- C:\WINDOWS\system32\drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (cpuz135) -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys (CPUID)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (MagicTune) -- C:\WINDOWS\system32\drivers\MTiCtwl.sys (Samsung Electronics, Inc. )
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (VIAudio) -- C:\WINDOWS\system32\drivers\ac97via.sys (VIA Technologies, Inc.)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {7A9335EE-C65E-4F2D-A40D-BE16B14FC07F}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{7A9335EE-C65E-4F2D-A40D-BE16B14FC07F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://at.msn.com/?rd=1&ucc=AT&dcc=AT&opt=0&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 46 D5 F9 C5 28 7C CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {7A9335EE-C65E-4F2D-A40D-BE16B14FC07F}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\APPLE\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFFPlgn\ [2013.06.20 15:02:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\ [2013.07.08 18:58:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.06.22 21:33:03 | 000,000,000 | ---D | M]

[2013.03.28 00:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

O1 HOSTS File: ([2013.07.07 22:35:26 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Engine\20.4.0.40\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] c:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EvtMgr6] C:\Programme\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Programme\APPLE\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MagicTuneLauncher] C:\Programme\MagicTune Premium\MagicTuneLauncher.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SDTray] C:\Programme\Safer Networking\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\GammaTray.lnk = C:\Programme\MagicTune Premium\GammaTray.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1371604349625 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D6775AE-C5DE-4202-A172-E809EB93E068}: DhcpNameServer = 212.186.211.21 195.34.133.21
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.10.17 12:37:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.07.09 00:16:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Macromedia
[2013.07.09 00:16:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe
[2013.07.09 00:16:21 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\PrivacIE
[2013.07.07 23:26:35 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.07.07 20:36:54 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.07.07 20:26:49 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.07.07 20:26:49 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.07.07 20:26:49 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.07.07 20:26:49 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.07.07 20:25:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.07.07 20:24:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.07.07 13:44:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Windows Search
[2013.07.07 13:36:33 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\IETldCache
[2013.07.07 13:35:35 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft
[2013.07.07 13:35:35 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten
[2013.07.07 13:35:35 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\Cookies
[2013.07.07 13:35:35 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen
[2013.07.07 13:35:35 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Druckumgebung
[2013.07.07 13:35:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2013.07.07 13:35:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Favoriten
[2013.07.07 13:35:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop
[2013.07.07 13:35:34 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\SendTo
[2013.07.07 13:35:34 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Zubehör
[2013.07.07 13:35:34 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü
[2013.07.07 13:35:34 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart
[2013.07.07 13:35:34 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Vorlagen
[2013.07.07 13:35:34 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent
[2013.07.07 13:35:34 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Netzwerkumgebung
[2013.07.06 00:31:07 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.07.05 15:07:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.07.05 15:07:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Malwarebytes
[2013.07.05 15:07:44 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.07.05 15:07:43 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2013.07.04 13:08:00 | 000,000,000 | ---D | C] -- C:\Programme\ERUNT
[2013.07.04 13:08:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\ERUNT
[2013.06.29 20:15:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\iTunes
[2013.06.29 20:13:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.06.29 18:42:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Spybot - Search & Destroy 2
[2013.06.29 18:42:20 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\System32\sdnclean.exe
[2013.06.29 13:09:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Spybot - Search & Destroy
[2013.06.29 12:20:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
[2013.06.29 12:20:43 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
[2013.06.29 12:20:42 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2013.06.28 20:57:13 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\ac97via.sys
[2013.06.28 20:57:13 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2013.06.28 14:56:37 | 000,102,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\IMEKR70.IME
[2013.06.28 14:56:33 | 000,014,336 | ---- | C] (Samsung Electronics, Inc. ) -- C:\WINDOWS\System32\drivers\MTiCtwl.sys
[2013.06.27 20:25:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Google Earth
[2013.06.26 14:31:28 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Jaksta Technologies
[2013.06.25 18:35:14 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2013.06.25 16:24:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2013.06.25 16:24:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2013.06.25 15:19:22 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2013.06.25 15:19:22 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2013.06.25 15:19:22 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2013.06.25 15:19:22 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2013.06.25 15:19:21 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2013.06.25 15:19:21 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2013.06.25 15:19:20 | 000,000,000 | ---D | C] -- C:\ca9b08492440786b47e613
[2013.06.25 15:11:01 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2013.06.24 13:54:43 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys
[2013.06.24 13:54:26 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll
[2013.06.24 13:52:50 | 000,012,808 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LBeepKE.sys
[2013.06.24 13:52:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Logitech
[2013.06.24 13:52:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Logishrd
[2013.06.24 12:54:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\QuickTime
[2013.06.23 13:24:50 | 006,112,864 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2013.06.23 12:22:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\FinalMediaPlayer
[2013.06.23 12:17:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\APN
[2013.06.22 22:27:19 | 000,022,664 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\L8042Kbd.sys
[2013.06.22 22:23:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Logishrd
[2013.06.22 22:15:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\DVDVideoSoft
[2013.06.22 22:01:24 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdrom.sys
[2013.06.22 22:01:22 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imapi2fs.dll
[2013.06.22 22:01:22 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi2fs.dll
[2013.06.22 22:01:22 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imapi2.dll
[2013.06.22 22:01:22 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imapi2.dll
[2013.06.22 21:30:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\DivX Plus
[2013.06.22 21:30:06 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DivX Shared
[2013.06.22 20:53:29 | 000,000,000 | ---D | C] -- C:\TEMP
[2013.06.22 03:40:11 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe
[2013.06.22 03:40:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll
[2013.06.22 03:40:06 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irsir.sys
[2013.06.22 03:39:41 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2013.06.22 03:39:13 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTL8139.sys
[2013.06.22 03:34:28 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2013.06.22 03:34:28 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2013.06.22 03:34:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2013.06.22 03:34:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2013.06.22 03:34:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2013.06.22 03:34:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2013.06.22 03:34:27 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2013.06.22 03:34:27 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2013.06.22 03:34:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2013.06.22 03:34:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2013.06.22 03:34:27 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2013.06.22 03:34:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2013.06.22 03:34:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2013.06.22 03:34:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2013.06.22 03:34:24 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2013.06.22 03:34:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2013.06.22 03:34:24 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2013.06.22 03:34:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2013.06.22 03:34:24 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2013.06.22 03:34:24 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2013.06.22 03:34:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2013.06.22 03:34:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2013.06.22 03:34:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2013.06.22 03:34:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2013.06.22 03:34:24 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2013.06.22 03:34:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2013.06.22 03:34:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2013.06.22 03:34:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2013.06.22 03:34:23 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2013.06.22 03:34:23 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2013.06.22 03:34:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2013.06.22 03:34:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2013.06.22 03:34:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2013.06.22 03:34:23 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2013.06.22 03:34:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2013.06.22 03:34:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2013.06.22 03:34:22 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2013.06.22 03:34:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2013.06.22 03:34:21 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2013.06.22 03:34:21 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2013.06.22 03:34:21 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2013.06.22 03:34:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2013.06.22 03:34:21 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2013.06.22 03:34:21 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2013.06.22 03:34:21 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2013.06.22 03:34:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2013.06.22 03:34:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2013.06.22 03:34:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2013.06.22 03:34:18 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2013.06.22 03:34:18 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2013.06.22 03:34:18 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2013.06.22 03:34:18 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2013.06.22 03:34:18 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2013.06.22 03:34:18 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2013.06.22 03:34:18 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2013.06.22 03:34:18 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2013.06.22 03:34:17 | 000,127,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2013.06.22 03:34:17 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2013.06.22 03:34:17 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2013.06.22 03:34:17 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2013.06.22 03:34:17 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2013.06.22 03:34:17 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2013.06.22 03:34:17 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2013.06.22 03:34:17 | 000,009,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2013.06.22 03:34:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2013.06.22 03:34:17 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2013.06.22 03:34:17 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2013.06.22 03:34:17 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2013.06.22 03:34:17 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2013.06.22 03:34:16 | 000,109,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2013.06.22 03:34:16 | 000,073,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2013.06.22 03:34:16 | 000,070,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2013.06.22 03:34:16 | 000,033,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2013.06.22 03:34:16 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2013.06.22 03:34:16 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2013.06.22 03:34:16 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2013.06.22 03:34:16 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2013.06.22 03:34:16 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2013.06.22 03:34:16 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2013.06.22 03:34:15 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2013.06.22 03:34:15 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2013.06.22 03:34:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2013.06.22 03:34:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2013.06.22 03:34:15 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2013.06.22 03:34:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2013.06.22 03:34:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2013.06.22 03:34:13 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2013.06.22 03:34:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü
[2013.06.22 03:34:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente
[2013.06.22 03:34:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart
[2013.06.22 03:34:00 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Vorlagen
[2013.06.22 03:34:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Favoriten
[2013.06.22 03:34:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop
[2013.06.22 03:33:33 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Microsoft
[2013.06.22 03:33:33 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten
[2013.06.22 03:27:11 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.06.22 03:27:11 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.06.22 02:57:09 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.06.22 02:57:08 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.06.22 02:57:08 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.06.22 02:57:02 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.06.22 02:57:01 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.06.22 02:57:01 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.06.22 02:26:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Microsoft Office
[2013.06.21 19:38:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Sun
[2013.06.21 19:37:40 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.06.21 12:27:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Microsoft Silverlight
[2013.06.21 11:45:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\McAfee
[2013.06.20 23:13:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Google
[2013.06.20 23:08:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Adobe
[2013.06.20 17:50:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\DivX
[2013.06.20 17:05:02 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2013.06.20 17:04:59 | 000,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2013.06.20 17:04:56 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2013.06.20 17:04:50 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2013.06.20 17:04:46 | 000,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2013.06.20 17:04:42 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2013.06.20 17:04:39 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2013.06.20 17:04:36 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2013.06.20 17:04:33 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2013.06.20 17:04:28 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2013.06.20 17:04:23 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2013.06.20 17:04:04 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2013.06.20 17:04:04 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2013.06.20 17:04:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2013.06.20 17:04:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2013.06.20 17:04:01 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2013.06.20 17:04:01 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2013.06.20 17:04:01 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2013.06.20 17:04:01 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2013.06.20 16:03:39 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2013.06.20 16:01:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Apple Computer
[2013.06.20 16:01:30 | 000,000,000 | ---D | C] -- C:\Programme\APPLE
[2013.06.20 16:01:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2013.06.20 15:59:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Apple
[2013.06.20 14:57:18 | 000,142,496 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013.06.20 14:57:18 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Symantec Shared
[2013.06.20 14:57:18 | 000,000,000 | ---D | C] -- C:\Programme\Symantec
[2013.06.20 14:56:38 | 000,934,488 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymEFA.sys
[2013.06.20 14:56:38 | 000,603,224 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.sys
[2013.06.20 14:56:38 | 000,396,760 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symtdi.sys
[2013.06.20 14:56:38 | 000,367,704 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymDS.sys
[2013.06.20 14:56:38 | 000,352,344 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symtdiv.sys
[2013.06.20 14:56:38 | 000,339,544 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symnets.sys
[2013.06.20 14:56:38 | 000,175,264 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Ironx86.sys
[2013.06.20 14:56:38 | 000,032,344 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtspx.sys
[2013.06.20 14:56:38 | 000,021,400 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymELAM.sys
[2013.06.20 14:56:37 | 000,134,744 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1404000.028\ccSetx86.sys
[2013.06.20 14:56:05 | 000,000,000 | ---D | C] -- C:\Programme\Norton Internet Security
[2013.06.20 14:56:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Norton Internet Security
[2013.06.20 14:55:42 | 000,000,000 | ---D | C] -- C:\Programme\NortonInstaller

thomas frank mas · Jul 9, 2013

second reply second part

[2013.06.20 00:56:09 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshe.dll
[2013.06.20 00:56:09 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsar.dll
[2013.06.20 00:56:09 | 000,286,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll
[2013.06.20 00:56:09 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll
[2013.06.20 00:56:09 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll
[2013.06.20 00:56:09 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsel.dll
[2013.06.20 00:56:09 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll
[2013.06.20 00:56:09 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspt.dll
[2013.06.20 00:56:09 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsnl.dll
[2013.06.20 00:56:09 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll
[2013.06.20 00:56:09 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsesm.dll
[2013.06.20 00:56:09 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll
[2013.06.20 00:56:09 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll
[2013.06.20 00:56:09 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll
[2013.06.20 00:56:09 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshu.dll
[2013.06.20 00:56:09 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrstr.dll
[2013.06.20 00:56:09 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssl.dll
[2013.06.20 00:56:09 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssk.dll
[2013.06.20 00:56:09 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll
[2013.06.20 00:56:09 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsth.dll
[2013.06.20 00:56:09 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssv.dll
[2013.06.20 00:56:09 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsno.dll
[2013.06.20 00:56:09 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsda.dll
[2013.06.20 00:56:09 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfi.dll
[2013.06.20 00:56:09 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrseng.dll
[2013.06.20 00:56:09 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrscs.dll
[2013.06.20 00:56:09 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll
[2013.06.20 00:56:09 | 000,143,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2013.06.20 00:56:09 | 000,126,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll
[2013.06.20 00:56:07 | 015,494,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2013.06.20 00:56:07 | 000,108,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2013.06.20 00:55:57 | 000,054,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2013.06.19 21:02:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS
[2013.06.19 21:02:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS\1404000.028
[2013.06.19 21:01:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\PCSettings
[2013.06.19 18:47:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\NortonInstaller
[2013.06.19 18:32:57 | 000,877,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvgenco32.dll
[2013.06.19 18:07:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Windows Genuine Advantage
[2013.06.19 18:00:59 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013.06.19 17:59:01 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013.06.19 16:21:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Norton
[2013.06.19 16:21:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Norton
[2013.06.19 12:56:26 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2013.06.19 12:56:26 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2013.06.19 12:56:26 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2013.06.19 12:56:25 | 002,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013.06.19 12:56:25 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013.06.19 12:56:25 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2013.06.19 12:56:24 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013.06.19 12:56:21 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2013.06.19 12:56:20 | 011,112,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013.06.19 12:40:11 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Common Files
[2013.06.19 12:38:28 | 000,029,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2013.06.19 12:34:41 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2013.06.19 12:34:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\TuneUp Utilities 2012
[2013.06.19 12:30:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\TuneUp Software
[2013.06.19 12:29:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2013.06.19 12:04:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\NVIDIA Corporation
[2013.06.19 12:04:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\NVIDIA
[2013.06.19 12:01:55 | 000,065,536 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2013.06.19 12:01:07 | 005,967,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvopencl.dll
[2013.06.19 12:01:04 | 019,189,760 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2013.06.19 12:01:03 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispgenco32.dll
[2013.06.19 12:01:02 | 007,536,640 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2013.06.19 12:01:02 | 002,581,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2013.06.19 12:01:02 | 001,869,088 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2013.06.19 12:01:02 | 001,010,464 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll
[2013.06.19 12:00:47 | 017,551,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2013.06.19 12:00:47 | 002,389,504 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2013.06.19 12:00:46 | 012,648,960 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2013.06.19 12:00:46 | 004,494,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2013.06.19 12:00:46 | 004,494,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_disp.dll
[2013.06.19 03:18:55 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2013.06.19 03:18:19 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2013.06.19 03:15:27 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013.06.19 03:14:17 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2013.06.19 03:10:12 | 002,152,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013.06.19 03:10:12 | 002,031,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013.06.19 03:10:11 | 002,195,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013.06.19 03:10:10 | 002,072,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2013.06.19 03:00:30 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2013.06.19 02:45:14 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2013.06.19 02:45:13 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2013.06.19 02:45:13 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2013.06.19 02:45:12 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2013.06.19 02:45:11 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2013.06.19 02:45:10 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2013.06.19 02:45:10 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2013.06.19 02:45:10 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2013.06.19 02:45:09 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2013.06.19 02:45:08 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2013.06.19 02:45:08 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2013.06.19 02:45:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2013.06.19 02:45:08 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2013.06.19 02:45:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2013.06.19 02:45:07 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2013.06.19 02:45:07 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2013.06.19 02:45:07 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2013.06.19 02:45:06 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2013.06.19 02:45:03 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2013.06.19 02:45:03 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2013.06.19 02:45:03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2013.06.19 02:45:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2013.06.19 02:45:01 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2013.06.19 02:45:00 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2013.06.19 02:45:00 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2013.06.19 02:45:00 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2013.06.19 02:45:00 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2013.06.19 02:45:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2013.06.19 02:44:59 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2013.06.19 02:44:59 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2013.06.19 02:44:59 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2013.06.19 02:44:56 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2013.06.19 02:44:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2013.06.19 02:44:55 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2013.06.19 02:44:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2013.06.19 02:44:54 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2013.06.19 02:44:53 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2013.06.19 02:44:52 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2013.06.19 02:44:52 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2013.06.19 02:44:52 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2013.06.19 02:44:52 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2013.06.19 02:44:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2013.06.19 02:44:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2013.06.19 02:44:51 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2013.06.19 02:44:51 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2013.06.19 02:44:51 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2013.06.19 02:44:51 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2013.06.19 02:44:50 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2013.06.19 02:44:50 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2013.06.19 02:44:49 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2013.06.19 02:44:49 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2013.06.19 02:44:49 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2013.06.19 02:44:49 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2013.06.19 02:44:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2013.06.19 02:44:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2013.06.19 02:44:49 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2013.06.19 02:44:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2013.06.19 02:44:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2013.06.19 02:44:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2013.06.19 02:44:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2013.06.19 02:44:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2013.06.19 02:44:48 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2013.06.19 02:44:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2013.06.19 02:44:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2013.06.19 02:44:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2013.06.19 02:44:48 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2013.06.19 02:44:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2013.06.19 02:44:43 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2013.06.19 02:44:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2013.06.19 02:44:41 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2013.06.19 02:44:40 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013.06.19 02:44:40 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013.06.19 02:44:40 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2013.06.19 02:44:40 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2013.06.19 02:44:40 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2013.06.19 02:44:39 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2013.06.19 02:44:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2013.06.19 02:44:38 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2013.06.19 02:44:38 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2013.06.19 02:44:35 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2013.06.19 02:44:35 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2013.06.19 02:44:35 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2013.06.19 02:44:35 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2013.06.19 02:44:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2013.06.19 02:44:32 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2013.06.19 02:44:32 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2013.06.19 02:44:32 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2013.06.19 02:44:32 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2013.06.19 02:44:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2013.06.19 02:44:31 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2013.06.19 02:44:31 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2013.06.19 02:44:31 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2013.06.19 02:44:31 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2013.06.19 02:44:30 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2013.06.19 02:44:29 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2013.06.19 02:44:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2013.06.19 02:44:29 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2013.06.19 02:44:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2013.06.19 02:44:26 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2013.06.19 02:44:24 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2013.06.19 02:44:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2013.06.19 02:44:19 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2013.06.19 02:44:19 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2013.06.19 02:44:14 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2013.06.19 02:44:14 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2013.06.19 02:44:14 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2013.06.19 02:44:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2013.06.19 02:44:01 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2013.06.19 02:44:01 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2013.06.19 02:44:01 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2013.06.19 02:44:00 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2013.06.19 02:44:00 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2013.06.19 02:43:59 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2013.06.19 02:43:58 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2013.06.19 02:43:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2013.06.19 02:43:57 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2013.06.19 02:43:57 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2013.06.19 02:43:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2013.06.19 02:43:56 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2013.06.19 02:43:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2013.06.19 02:43:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2013.06.19 02:43:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2013.06.19 02:43:54 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2013.06.19 02:43:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2013.06.19 02:43:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2013.06.19 02:43:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2013.06.19 02:43:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2013.06.19 02:43:54 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2013.06.19 02:43:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2013.06.19 02:43:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2013.06.19 02:43:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2013.06.19 02:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2013.06.19 02:43:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2013.06.19 02:43:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2013.06.19 02:43:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2013.06.19 02:43:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2013.06.19 02:43:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2013.06.19 02:43:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2013.06.19 02:43:51 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2013.06.19 02:43:51 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2013.06.19 02:43:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2013.06.19 02:43:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2013.06.19 02:43:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2013.06.19 02:43:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2013.06.19 02:43:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2013.06.19 02:43:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2013.06.19 02:43:50 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2013.06.19 02:43:50 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2013.06.19 02:43:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2013.06.19 02:43:47 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2013.06.19 02:43:47 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2013.06.19 02:43:47 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2013.06.19 02:43:47 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2013.06.19 02:43:47 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2013.06.19 02:43:46 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2013.06.19 02:43:46 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2013.06.19 02:43:46 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2013.06.19 02:43:46 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2013.06.19 02:43:46 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2013.06.19 02:43:46 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2013.06.19 02:43:46 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2013.06.19 02:43:45 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2013.06.19 02:43:45 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2013.06.19 02:43:45 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2013.06.19 02:43:45 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2013.06.19 02:43:45 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2013.06.19 02:43:45 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2013.06.19 02:43:45 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2013.06.19 02:43:44 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2013.06.19 02:43:44 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2013.06.19 02:43:44 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2013.06.19 02:43:44 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2013.06.19 02:43:44 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2013.06.19 02:43:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2013.06.19 02:43:44 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2013.06.19 02:43:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2013.06.19 02:43:43 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2013.06.19 02:43:43 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2013.06.19 02:43:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2013.06.19 02:43:43 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2013.06.19 02:43:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2013.06.19 02:43:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2013.06.19 02:43:43 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2013.06.19 02:43:38 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2013.06.19 02:43:32 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2013.06.19 02:43:31 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2013.06.19 02:43:31 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2013.06.19 02:43:31 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2013.06.19 02:43:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2013.06.19 02:43:30 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2013.06.19 02:43:29 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2013.06.19 02:43:27 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2013.06.19 02:43:27 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2013.06.19 02:43:27 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2013.06.19 02:43:27 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2013.06.19 02:43:27 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2013.06.19 02:43:27 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2013.06.19 02:43:27 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2013.06.19 02:43:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2013.06.19 02:43:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2013.06.19 02:43:26 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2013.06.19 02:43:26 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2013.06.19 02:43:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2013.06.19 02:43:26 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2013.06.19 02:43:26 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2013.06.19 02:43:26 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2013.06.19 02:43:26 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2013.06.19 02:43:26 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2013.06.19 02:43:26 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2013.06.19 02:43:26 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2013.06.19 02:43:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2013.06.19 02:43:25 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2013.06.19 02:43:25 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2013.06.19 02:43:25 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2013.06.19 02:43:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2013.06.19 02:43:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2013.06.19 02:43:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2013.06.19 02:43:24 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2013.06.19 02:43:24 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2013.06.19 02:43:23 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2013.06.19 02:43:23 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2013.06.19 02:43:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2013.06.19 02:43:22 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2013.06.19 02:43:22 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2013.06.19 02:43:22 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2013.06.19 02:43:22 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2013.06.19 02:43:21 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2013.06.19 02:43:21 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2013.06.19 02:43:21 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2013.06.19 02:43:21 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2013.06.19 02:43:20 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2013.06.19 02:43:11 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime

thomas frank mas · Jul 9, 2013

second reply third part

[2013.06.19 02:43:11 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2013.06.19 02:43:07 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2013.06.19 02:43:07 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2013.06.19 02:43:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2013.06.19 02:43:07 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2013.06.19 02:43:07 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2013.06.19 02:43:06 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2013.06.19 02:43:03 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2013.06.19 02:43:03 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2013.06.19 02:43:02 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2013.06.19 02:43:02 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2013.06.19 02:43:02 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2013.06.19 02:43:01 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2013.06.19 02:43:01 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2013.06.19 02:43:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2013.06.19 02:43:01 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2013.06.19 02:43:01 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2013.06.19 02:43:00 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2013.06.19 02:43:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2013.06.19 02:42:59 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2013.06.19 02:42:59 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013.06.19 02:42:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2013.06.19 02:42:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2013.06.19 02:42:52 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2013.06.19 02:42:50 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2013.06.19 02:42:49 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2013.06.19 02:42:49 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2013.06.19 02:42:49 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2013.06.19 02:42:49 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2013.06.19 02:42:48 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2013.06.19 02:42:48 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2013.06.19 02:42:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2013.06.19 02:42:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2013.06.19 02:42:48 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2013.06.19 02:42:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2013.06.19 02:42:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2013.06.19 02:42:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2013.06.19 02:42:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2013.06.19 02:42:44 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2013.06.19 02:42:44 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2013.06.19 02:42:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2013.06.19 02:42:39 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2013.06.19 02:42:38 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2013.06.19 02:42:38 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2013.06.19 02:42:38 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2013.06.19 02:42:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2013.06.19 02:42:38 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2013.06.19 02:42:36 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2013.06.19 02:42:36 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2013.06.19 02:42:27 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2013.06.19 02:42:27 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2013.06.19 02:42:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2013.06.19 02:42:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2013.06.19 02:42:26 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2013.06.19 02:42:26 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2013.06.19 02:42:26 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2013.06.19 02:42:26 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2013.06.19 02:42:26 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2013.06.19 02:42:26 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2013.06.19 02:42:26 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2013.06.19 02:42:26 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2013.06.19 02:42:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2013.06.19 02:42:25 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2013.06.19 02:42:25 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2013.06.19 02:42:25 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2013.06.19 02:42:25 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2013.06.19 02:42:25 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2013.06.19 02:42:25 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2013.06.19 02:42:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2013.06.19 02:42:24 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2013.06.19 02:42:24 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2013.06.19 02:42:24 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2013.06.19 02:42:24 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2013.06.19 02:42:24 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2013.06.19 02:42:24 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2013.06.19 02:42:24 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2013.06.19 02:42:24 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2013.06.19 02:42:24 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2013.06.19 02:42:23 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2013.06.19 02:42:23 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2013.06.19 02:42:23 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2013.06.19 02:42:23 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2013.06.19 02:42:22 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2013.06.19 02:42:22 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2013.06.19 02:42:22 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2013.06.19 02:42:22 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2013.06.19 02:42:22 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2013.06.19 02:42:21 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2013.06.19 02:42:21 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2013.06.19 02:42:21 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2013.06.19 02:41:00 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2013.06.19 02:39:35 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\DRM
[2013.06.19 02:38:20 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2013.06.19 02:38:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2013.06.19 02:38:20 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2013.06.19 02:38:20 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2013.06.19 02:38:20 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2013.06.19 02:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2013.06.19 02:38:13 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2013.06.19 02:38:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2013.06.19 02:38:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2013.06.19 02:38:12 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2013.06.19 02:38:12 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2013.06.19 02:38:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2013.06.19 02:38:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2013.06.19 02:38:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2013.06.19 02:38:10 | 000,727,614 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2013.06.19 02:38:10 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2013.06.19 02:38:09 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2013.06.19 02:38:08 | 000,329,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2013.06.19 02:38:08 | 000,210,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2013.06.19 02:38:08 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2013.06.19 02:38:08 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2013.06.19 02:38:08 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2013.06.19 02:38:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2013.06.19 02:38:07 | 001,135,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2013.06.19 02:38:07 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2013.06.19 02:38:07 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2013.06.19 02:38:07 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2013.06.19 02:38:07 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2013.06.19 02:38:07 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2013.06.19 02:38:07 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2013.06.19 02:38:07 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2013.06.19 02:38:07 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2013.06.19 02:38:07 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2013.06.19 02:38:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2013.06.19 02:38:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2013.06.19 02:38:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2013.06.19 02:38:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2013.06.19 02:38:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2013.06.19 02:37:54 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2013.06.19 02:37:54 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2013.06.19 02:37:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2013.06.19 02:37:54 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2013.06.19 02:37:54 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2013.06.19 02:37:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2013.06.19 02:37:53 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2013.06.19 02:37:50 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2013.06.19 02:37:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2013.06.19 02:37:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2013.06.19 02:37:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2013.06.19 02:37:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2013.06.19 02:37:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2013.06.19 02:37:49 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2013.06.19 02:37:49 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2013.06.19 02:37:48 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2013.06.19 02:37:48 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2013.06.19 02:37:48 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2013.06.19 02:37:47 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2013.06.19 02:37:47 | 000,385,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2013.06.19 02:37:47 | 000,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2013.06.19 02:37:47 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2013.06.19 02:37:47 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2013.06.19 02:37:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2013.06.19 02:37:46 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2013.06.19 02:37:46 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2013.06.19 02:37:46 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2013.06.19 02:37:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2013.06.19 02:37:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2013.06.19 02:37:46 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2013.06.19 02:37:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2013.06.19 02:37:46 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2013.06.19 02:37:46 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2013.06.19 02:37:46 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2013.06.19 02:37:46 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2013.06.19 02:37:45 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2013.06.19 02:37:45 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2013.06.19 02:37:45 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2013.06.19 02:37:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2013.06.19 02:37:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2013.06.19 02:37:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2013.06.19 02:37:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2013.06.19 02:37:45 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2013.06.19 02:37:45 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2013.06.19 02:37:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2013.06.19 02:37:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2013.06.19 02:37:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2013.06.19 02:37:44 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2013.06.19 02:37:44 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2013.06.19 02:37:44 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2013.06.19 02:37:44 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2013.06.19 02:37:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2013.06.19 02:37:44 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2013.06.19 02:37:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2013.06.19 02:37:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2013.06.19 02:37:44 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2013.06.19 02:37:44 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2013.06.19 02:37:44 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2013.06.19 02:37:44 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2013.06.19 02:37:30 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Bilder
[2013.06.19 02:36:51 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Spiele
[2013.06.19 02:36:17 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Verwaltung
[2013.06.19 02:36:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Musik
[2013.06.19 02:35:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2013.06.19 02:35:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2013.06.19 02:35:42 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2013.06.19 02:35:42 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2013.06.19 02:35:42 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2013.06.19 02:35:41 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2013.06.19 02:35:41 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2013.06.19 02:35:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2013.06.19 02:35:41 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2013.06.19 02:35:41 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2013.06.19 02:35:41 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2013.06.19 02:35:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2013.06.19 02:35:41 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2013.06.19 02:35:34 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2013.06.19 02:35:34 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2013.06.19 02:35:34 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2013.06.19 02:35:34 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2013.06.19 02:35:34 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2013.06.19 02:35:34 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2013.06.19 02:35:33 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2013.06.19 02:35:33 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2013.06.19 02:35:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2013.06.19 02:35:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2013.06.19 02:35:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2013.06.19 02:35:33 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2013.06.19 02:35:32 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2013.06.19 02:35:32 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2013.06.19 02:35:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2013.06.19 02:35:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2013.06.19 02:35:32 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2013.06.19 02:35:32 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2013.06.19 02:35:32 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2013.06.19 02:35:32 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2013.06.19 02:35:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2013.06.19 02:35:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2013.06.19 02:35:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2013.06.19 02:35:32 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2013.06.19 02:35:32 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2013.06.19 02:35:32 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2013.06.19 02:35:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2013.06.19 02:35:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2013.06.19 02:35:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2013.06.19 02:35:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2013.06.19 02:35:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2013.06.19 02:35:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2013.06.19 02:35:30 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2013.06.19 02:35:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2013.06.19 02:35:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2013.06.19 02:35:27 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2013.06.19 02:35:27 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2013.06.19 02:35:27 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2013.06.19 02:35:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2013.06.19 02:35:27 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2013.06.19 02:35:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2013.06.19 02:35:26 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2013.06.19 02:35:26 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2013.06.19 02:35:26 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2013.06.19 02:35:26 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2013.06.19 02:35:26 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2013.06.19 02:35:26 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2013.06.19 02:35:26 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2013.06.19 02:35:26 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2013.06.19 02:35:25 | 000,356,352 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2013.06.19 02:35:25 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2013.06.19 02:35:25 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2013.06.19 02:35:25 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2013.06.19 02:35:25 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2013.06.19 02:35:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2013.06.19 02:35:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2013.06.19 02:35:25 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2013.06.19 02:35:25 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2013.06.19 02:35:24 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2013.06.19 02:35:24 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2013.06.19 02:35:24 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2013.06.19 02:35:24 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2013.06.19 02:35:24 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2013.06.19 02:35:24 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2013.06.19 02:35:23 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2013.06.19 02:35:23 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll
[2013.06.19 02:35:23 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2013.06.19 02:35:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll
[2013.06.19 02:35:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2013.06.19 02:35:23 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2013.06.19 02:35:23 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2013.06.19 02:35:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2013.06.19 02:35:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll
[2013.06.19 02:35:23 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2013.06.19 02:35:23 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2013.06.19 02:35:22 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2013.06.19 02:35:22 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2013.06.19 02:35:22 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2013.06.19 02:35:22 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2013.06.19 02:35:22 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2013.06.19 02:35:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2013.06.19 02:35:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2013.06.19 02:35:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2013.06.19 02:35:22 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2013.06.19 02:35:22 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2013.06.19 02:35:21 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2013.06.19 02:35:21 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2013.06.19 02:35:21 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2013.06.19 02:35:21 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2013.06.19 02:35:21 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2013.06.19 02:35:21 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2013.06.19 02:35:21 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2013.06.19 02:35:21 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2013.06.19 02:35:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2013.06.19 02:35:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2013.06.19 02:35:21 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2013.06.19 02:35:21 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2013.06.19 02:35:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2013.06.19 02:35:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2013.06.19 02:35:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2013.06.19 02:35:21 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2013.06.19 02:35:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2013.06.19 02:35:20 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2013.06.19 02:35:20 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2013.06.19 02:35:20 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2013.06.19 02:35:20 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2013.06.19 02:35:20 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2013.06.19 02:35:20 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2013.06.19 02:35:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2013.06.19 02:35:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2013.06.19 02:35:19 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2013.06.19 02:35:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2013.06.19 02:35:19 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2013.06.19 02:35:19 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2013.06.19 02:35:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2013.06.19 02:35:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2013.06.19 02:35:19 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2013.06.19 02:35:19 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2013.06.19 02:35:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2013.06.19 02:35:19 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2013.06.19 02:35:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2013.06.19 02:35:19 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2013.06.19 02:35:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2013.06.19 02:35:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2013.06.19 02:35:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2013.06.19 02:35:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2013.06.19 02:35:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2013.06.19 02:35:18 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2013.06.19 02:35:18 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2013.06.19 02:35:18 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2013.06.19 02:35:18 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2013.06.19 02:35:18 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2013.06.19 02:35:18 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2013.06.19 02:35:18 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2013.06.19 02:35:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2013.06.19 02:35:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2013.06.19 02:35:17 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2013.06.19 02:35:17 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2013.06.19 02:35:17 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2013.06.19 02:35:15 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2013.06.19 02:35:15 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2013.06.19 02:35:15 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2013.06.19 02:35:15 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2013.06.19 02:35:15 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2013.06.19 02:35:15 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2013.06.19 02:35:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2013.06.19 02:35:14 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2013.06.19 02:35:14 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2013.06.19 02:35:14 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2013.06.19 02:35:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2013.06.19 02:35:14 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2013.06.19 02:35:14 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2013.06.19 02:35:14 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2013.06.19 02:35:14 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2013.06.19 02:35:14 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2013.06.19 02:35:14 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2013.06.19 02:35:14 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2013.06.19 02:35:14 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2013.06.19 02:35:14 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2013.06.19 02:35:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2013.06.19 02:35:14 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2013.06.19 02:35:14 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2013.06.19 02:35:13 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2013.06.19 02:35:13 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2013.06.19 02:35:13 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2013.06.19 02:35:13 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2013.06.19 02:35:13 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2013.06.19 02:35:13 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2013.06.19 02:35:13 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2013.06.19 02:35:13 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2013.06.19 02:35:13 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2013.06.19 02:35:13 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2013.06.19 02:35:13 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2013.06.19 02:35:13 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe

thomas frank mas · Jul 9, 2013

second reply last part

[2013.06.19 02:35:12 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2013.06.19 02:35:12 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2013.06.19 02:35:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2013.06.19 02:35:11 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2013.06.19 02:35:11 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2013.06.19 02:35:11 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2013.06.19 02:35:11 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2013.06.19 02:35:11 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2013.06.19 02:35:11 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2013.06.19 02:35:11 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2013.06.19 02:35:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2013.06.19 02:35:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2013.06.19 02:35:01 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Videos
[2013.06.19 02:32:21 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Zubehör
[2013.06.18 23:52:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013.06.18 23:41:40 | 000,000,000 | ---D | C] -- C:\Programme\Messenger
[2013.06.18 18:57:09 | 000,000,000 | ---D | C] -- C:\$WIN_NT$.~BT
[2013.06.18 18:57:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2013.06.18 18:56:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2013.06.12 14:12:23 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013.06.11 15:59:37 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2013.06.11 15:58:51 | 000,000,000 | ---D | C] -- C:\Programme\iTunes

========== Files - Modified Within 30 Days ==========

[2013.07.09 00:01:22 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.07.09 00:00:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.07.08 23:50:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.07.08 18:58:22 | 000,000,670 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013.07.07 22:35:26 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.07.07 20:37:05 | 000,000,355 | RHS- | M] () -- C:\boot.ini
[2013.07.07 14:15:30 | 000,000,245 | ---- | M] () -- C:\Boot.bak
[2013.07.05 15:07:50 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.03 00:31:34 | 000,000,644 | ---- | M] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013.07.01 17:02:01 | 000,000,474 | ---- | M] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2013.06.29 20:15:26 | 000,001,515 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\iTunes.lnk
[2013.06.29 18:42:36 | 000,001,999 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Spybot-S&D Start Center.lnk
[2013.06.28 21:14:21 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Final Media Player Update Checker.job
[2013.06.28 15:42:47 | 000,000,276 | ---- | M] () -- C:\WINDOWS\System\cmicnfg.ini
[2013.06.28 14:57:00 | 000,001,550 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\GammaTray.lnk
[2013.06.28 02:07:49 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013.06.28 02:07:49 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013.06.28 02:07:34 | 001,072,544 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013.06.27 20:25:28 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Google Earth.lnk
[2013.06.27 19:30:04 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013.06.27 19:30:04 | 000,007,611 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013.06.27 19:30:04 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013.06.25 18:35:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.06.25 18:35:15 | 000,549,843 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Cat.DB
[2013.06.25 17:55:32 | 000,520,626 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.06.25 17:55:32 | 000,475,764 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.06.25 17:55:32 | 000,101,770 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.06.25 17:55:32 | 000,076,798 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.06.25 15:45:12 | 000,192,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.06.25 15:12:55 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Windows Search.lnk
[2013.06.25 15:10:47 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.06.25 15:10:47 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.06.25 15:08:22 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013.06.24 14:58:08 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Adobe Reader XI.lnk
[2013.06.24 14:47:54 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job
[2013.06.24 14:47:53 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\ProgramRefresh-ATFST.job
[2013.06.24 13:54:43 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys
[2013.06.24 13:54:43 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2013.06.22 22:46:21 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.06.22 22:45:57 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.22 22:45:57 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.22 22:15:58 | 000,000,906 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DVDVideoSoft Free Studio.lnk
[2013.06.22 21:32:17 | 000,000,757 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DivX Plus Player.lnk
[2013.06.22 21:31:23 | 000,000,797 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DivX Plus Converter.lnk
[2013.06.22 21:23:21 | 000,000,000 | ---- | M] () -- C:\END
[2013.06.22 21:08:31 | 000,000,666 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Cyberduck.lnk
[2013.06.22 03:27:11 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.06.22 03:27:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.06.22 02:56:17 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.06.22 02:56:15 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.06.22 02:56:15 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.06.22 02:56:15 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.06.22 02:56:15 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.06.22 02:56:15 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.06.22 02:56:15 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.06.22 02:27:21 | 000,000,400 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2013.06.20 01:25:39 | 000,000,012 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2013.06.19 12:34:35 | 000,001,711 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.06.19 12:34:35 | 000,001,707 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp Utilities 2012.lnk
[2013.06.19 12:14:19 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2013.06.19 12:01:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013.06.19 02:48:42 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2013.06.19 02:47:09 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2013.06.19 02:45:34 | 000,000,438 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.06.19 02:41:36 | 000,002,951 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.06.19 02:41:25 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013.06.19 02:41:00 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013.06.19 02:36:48 | 000,021,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.06.10 19:41:56 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\isolate.ini

========== Files Created - No Company Name ==========

[2013.07.07 20:36:59 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2013.07.07 20:26:49 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.07.07 20:26:49 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.07.07 20:26:49 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.07.07 20:26:49 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.07.07 20:26:49 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.07.07 13:35:35 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Remoteunterstützung.lnk
[2013.07.07 13:35:35 | 000,000,772 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Windows Media Player.lnk
[2013.07.05 15:07:50 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2013.06.29 20:15:26 | 000,001,515 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\iTunes.lnk
[2013.06.29 18:43:24 | 000,000,474 | ---- | C] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2013.06.29 18:43:22 | 000,000,644 | ---- | C] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013.06.29 18:43:20 | 000,000,670 | ---- | C] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013.06.29 18:42:37 | 000,002,005 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Spybot-S&D Start Center.lnk
[2013.06.29 18:42:35 | 000,001,999 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Spybot-S&D Start Center.lnk
[2013.06.28 14:56:58 | 000,001,550 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\GammaTray.lnk
[2013.06.28 00:08:12 | 000,000,276 | ---- | C] () -- C:\WINDOWS\System\cmicnfg.ini
[2013.06.27 20:25:27 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Google Earth.lnk
[2013.06.25 17:34:53 | 000,015,449 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2013.06.25 15:12:54 | 000,001,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Search.lnk
[2013.06.25 15:12:54 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Windows Search.lnk
[2013.06.24 13:54:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2013.06.23 12:23:13 | 000,000,430 | ---- | C] () -- C:\WINDOWS\tasks\ProgramRefresh-ATFST.job
[2013.06.23 12:23:12 | 000,000,374 | ---- | C] () -- C:\WINDOWS\tasks\ProgramUpdateCheck.job
[2013.06.23 12:22:40 | 000,000,366 | ---- | C] () -- C:\WINDOWS\tasks\Final Media Player Update Checker.job
[2013.06.22 22:15:58 | 000,000,906 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DVDVideoSoft Free Studio.lnk
[2013.06.22 21:32:17 | 000,000,757 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DivX Plus Player.lnk
[2013.06.22 21:31:23 | 000,000,797 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\DivX Plus Converter.lnk
[2013.06.22 21:23:21 | 000,000,000 | ---- | C] () -- C:\END
[2013.06.22 21:08:31 | 000,000,666 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Cyberduck.lnk
[2013.06.22 04:31:36 | 000,000,438 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.06.22 03:34:46 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2013.06.22 03:34:43 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013.06.22 03:34:36 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.06.22 03:34:15 | 000,001,806 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013.06.22 03:33:57 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013.06.22 03:33:57 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2013.06.22 03:33:57 | 000,105,926 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2013.06.22 03:33:57 | 000,041,270 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013.06.22 03:33:57 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2013.06.22 03:33:57 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2013.06.22 03:33:57 | 000,021,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2013.06.22 03:33:57 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2013.06.22 03:33:57 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2013.06.22 03:33:57 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013.06.22 03:33:57 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2013.06.22 03:33:57 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2013.06.22 03:33:57 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013.06.22 03:33:57 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013.06.22 03:33:57 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2013.06.22 03:33:56 | 002,039,179 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2013.06.22 03:33:56 | 001,246,537 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2013.06.22 03:33:56 | 000,817,199 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013.06.22 03:33:56 | 000,631,338 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2013.06.22 03:32:58 | 000,192,976 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.06.22 03:27:16 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.22 02:27:21 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013.06.20 23:12:19 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.20 23:12:19 | 000,001,080 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.20 23:11:03 | 000,002,347 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Adobe Reader XI.lnk
[2013.06.20 23:11:03 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Adobe Reader XI.lnk
[2013.06.20 16:00:58 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.06.20 16:00:56 | 000,001,830 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Apple Software Update.lnk
[2013.06.20 14:57:18 | 000,007,611 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013.06.20 14:57:18 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013.06.20 14:56:11 | 000,014,818 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymVTcer.dat
[2013.06.20 14:56:11 | 000,009,670 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymELAM.cat
[2013.06.20 14:56:11 | 000,008,067 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymNet.cat
[2013.06.20 14:56:11 | 000,008,059 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymDS.cat
[2013.06.20 14:56:11 | 000,008,059 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.cat
[2013.06.20 14:56:11 | 000,007,877 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symnetv.cat
[2013.06.20 14:56:11 | 000,007,667 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\ccsetx86.cat
[2013.06.20 14:56:11 | 000,007,593 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\iron.cat
[2013.06.20 14:56:11 | 000,007,583 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymEFA.cat
[2013.06.20 14:56:11 | 000,007,581 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtspx.cat
[2013.06.20 14:56:11 | 000,003,434 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymEFA.inf
[2013.06.20 14:56:11 | 000,002,852 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymDS.inf
[2013.06.20 14:56:11 | 000,001,468 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymNetV.inf
[2013.06.20 14:56:11 | 000,001,440 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\SymNet.inf
[2013.06.20 14:56:11 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtspx.inf
[2013.06.20 14:56:11 | 000,001,388 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\srtsp.inf
[2013.06.20 14:56:11 | 000,000,996 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\symELAM.inf
[2013.06.20 14:56:11 | 000,000,827 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\ccSetx86.inf
[2013.06.20 14:56:11 | 000,000,737 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Iron.inf
[2013.06.20 14:56:11 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\isolate.ini
[2013.06.19 22:09:10 | 000,014,818 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\VT20130115.021
[2013.06.19 21:04:02 | 000,549,843 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1404000.028\Cat.DB
[2013.06.19 18:26:05 | 000,000,012 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2013.06.19 12:34:35 | 000,001,711 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.06.19 12:34:35 | 000,001,707 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\TuneUp Utilities 2012.lnk
[2013.06.19 12:34:34 | 000,001,713 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\TuneUp Utilities 2012.lnk
[2013.06.19 12:14:19 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2013.06.19 12:01:49 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013.06.19 12:01:48 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013.06.19 12:01:48 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013.06.19 12:01:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2013.06.19 12:01:02 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013.06.19 03:08:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.06.19 03:08:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013.06.19 02:47:09 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2013.06.19 02:45:34 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.06.19 02:44:31 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013.06.19 02:43:56 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013.06.19 02:43:46 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013.06.19 02:43:46 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013.06.19 02:43:44 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013.06.19 02:43:34 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013.06.19 02:43:30 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013.06.19 02:43:24 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2013.06.19 02:43:02 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013.06.19 02:41:36 | 000,002,951 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.06.19 02:41:24 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.06.19 02:41:24 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.06.19 02:41:23 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013.06.19 02:38:54 | 000,000,758 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Movie Maker.lnk
[2013.06.19 02:38:33 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013.06.19 02:38:19 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013.06.19 02:38:19 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013.06.19 02:38:13 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013.06.19 02:37:48 | 000,380,416 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2013.06.19 02:36:51 | 000,000,621 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Messenger.lnk
[2013.06.19 02:36:48 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.06.19 02:36:00 | 000,002,004 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\MSN.lnk
[2013.06.19 02:35:36 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe-Stuck.bmp
[2013.06.19 02:35:36 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Fächer.bmp
[2013.06.19 02:35:36 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2013.06.19 02:35:36 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotek.bmp
[2013.06.19 02:35:35 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Seifenblase.bmp
[2013.06.19 02:35:35 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Präriewind.bmp
[2013.06.19 02:35:35 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Granit.bmp
[2013.06.19 02:35:35 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Angler.bmp
[2013.06.19 02:35:35 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kaffeetasse.bmp
[2013.06.19 02:35:35 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Feder.bmp
[2013.06.19 02:35:35 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blaue Spitzen 16.bmp
[2013.06.19 02:35:32 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2013.06.19 02:35:32 | 000,001,237 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013.06.19 02:35:31 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2013.06.19 02:35:25 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2013.06.18 18:58:24 | 000,000,245 | ---- | C] () -- C:\Boot.bak
[2013.06.18 18:58:22 | 000,476,395 | R--- | C] () -- C:\txtsetup.sif
[2013.06.18 18:58:22 | 000,262,464 | R--- | C] () -- C:\$LDR$

========== ZeroAccess Check ==========

[2013.06.25 15:16:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.04.26 03:59:04 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

ken545 · Jul 9, 2013

Looks like it fixed it this time, lets see what AdwCleaner comes up with

thomas frank mas · Jul 9, 2013

third reply

# AdwCleaner v2.304 - Datei am 09/07/2013 um 01:19:40 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Tom - FRANK-B
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\AdwCleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\END
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\APN
Ordner Gelöscht : C:\Programme\Conduit
Ordner Gelöscht : C:\Programme\Freecorder extension

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Freecorder extension
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1917AB4C-E2E9-42AE-A51E-B5750F160BFB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6C65F1F0-8088-414B-828C-813207ADE75A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4341726-E922-47BB-86A6-23F4F4F67342}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\InstallIQ
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Freecorder extension
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder extension

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

*************************

AdwCleaner[S1].txt - [5050 octets] - [09/07/2013 01:19:40]

########## EOF - C:\AdwCleaner[S1].txt - [5110 octets] ##########

ken545 · Jul 9, 2013

Great, run a new scan with Spybot and post the log and lets see if those entries are gone

How are things running now, logs are looking good

thomas frank mas · Jul 9, 2013

As far I can see you have excellent work done. No delays and high performance.
I thank you very much.
Tom

# AdwCleaner v2.304 - Datei am 09/07/2013 um 01:19:40 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Tom - FRANK-B
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Tom.FRANK-B\Desktop\AdwCleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\END
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\APN
Ordner Gelöscht : C:\Programme\Conduit
Ordner Gelöscht : C:\Programme\Freecorder extension

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Freecorder extension
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1917AB4C-E2E9-42AE-A51E-B5750F160BFB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6C65F1F0-8088-414B-828C-813207ADE75A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4341726-E922-47BB-86A6-23F4F4F67342}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\InstallIQ
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Freecorder extension
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\
063A857434EDED11A893800002C0A966
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder extension

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

*************************

AdwCleaner[S1].txt - [5050 octets] - [09/07/2013 01:19:40]

########## EOF - C:\AdwCleaner[S1].txt - [5110 octets] ##########

ken545 · Jul 9, 2013

:bigthumb:

I was asking for a new Spybot scan to see if both those entries are gone, not another AdwCleaner log

thomas frank mas · Jul 9, 2013

Sorry! I had, as you can see a scan made. must be a mistake.
Search results from Spybot - Search & Destroy

09.07.2013 03:09:06
Scan took 01:05:17.
36 items found.

Toolbar.Snap.do: [SBI $946FBA81] User settings (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1004\Software\Microsoft\Internet Explorer\Main\Search Page

Toolbar.Snap.do: [SBI $AFDBE44E] User settings (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1004\Software\Microsoft\Internet Explorer\Main\Start Page

Right Media: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): Tom) (Browser: Cookie, nothing done)

Common Dialogs: [SBI $8E73A7FB] History (30 files) (Registry Key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

Internet Explorer: [SBI $FF589D0C] Download directory (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Internet Explorer\Download Directory

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-500\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\DirectInput\MostRecentApplication\Id

MS Office 11.0 (Word): [SBI $15AC27CE] Recent file list (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Office\11.0\Word\Data\Settings

MS Search Assistant: [SBI $AE0C4647] Typed search terms history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Search Assistant\ACMru

MS Search Assistant: [SBI $AE0C4647] Typed search terms history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-500\Software\Microsoft\Search Assistant\ACMru

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $B7EBA926] Last visited history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1614895754-1958367476-1417001333-1003\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Cookie: [SBI $49804B54] Browser: Cookie (119) (Browser: Cookie, nothing done)

Cache: [SBI $49804B54] Browser: Cache (424) (Browser: Cache, nothing done)

Verlauf: [SBI $49804B54] Browser: History (408) (Browser: History, nothing done)

Cookie: [SBI $49804B54] Browser: Cookie (2) (Browser: Cookie, nothing done)

Cookie: [SBI $49804B54] Browser: Cookie (21) (Browser: Cookie, nothing done)

Cache: [SBI $49804B54] Browser: Cache (46) (Browser: Cache, nothing done)

Verlauf: [SBI $49804B54] Browser: History (35) (Browser: History, nothing done)

--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---

2013-05-16 blindman.exe (2.1.18.151)
2013-05-16 explorer.exe (2.1.18.177)
2013-05-16 SDBootCD.exe (2.1.18.109)
2013-05-16 SDCleaner.exe (2.1.18.110)
2013-05-16 SDDelFile.exe (2.1.18.94)
2013-06-18 SDDisableProxy.exe
2013-05-16 SDFiles.exe (2.1.18.135)
2013-03-20 SDFileScanHelper.exe (2.1.16.1)
2013-05-16 SDFSSvc.exe (2.1.18.208)
2013-05-16 SDHookHelper.exe (2.1.18.2)
2013-05-16 SDHookInst32.exe (2.1.18.2)
2013-05-16 SDImmunize.exe (2.1.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-05-16 SDOnAccess.exe (2.1.18.4)
2013-05-16 SDPESetup.exe (2.1.18.3)
2013-05-16 SDPEStart.exe (2.1.18.86)
2013-05-16 SDPhoneScan.exe (2.1.18.28)
2013-05-16 SDPRE.exe (2.1.18.22)
2013-05-16 SDPrepPos.exe (2.1.18.10)
2013-05-16 SDQuarantine.exe (2.1.18.103)
2013-05-16 SDRootAlyzer.exe (2.1.18.116)
2013-05-16 SDSBIEdit.exe (2.1.18.39)
2013-05-16 SDScan.exe (2.1.18.177)
2013-05-16 SDScript.exe (2.1.18.53)
2013-05-16 SDSettings.exe (2.1.18.136)
2013-05-16 SDShell.exe (2.1.18.2)
2013-05-16 SDShred.exe (2.1.18.107)
2013-05-16 SDSysRepair.exe (2.1.18.101)
2013-05-16 SDTools.exe (2.1.18.150)
2013-05-16 SDTray.exe (2.1.18.127)
2013-05-16 SDUpdate.exe (2.1.18.91)
2013-05-16 SDUpdSvc.exe (2.1.18.76)
2013-05-16 SDWelcome.exe (2.1.18.129)
2013-05-15 SDWSCSvc.exe (2.1.18.2)
2013-06-29 spybotsd2-installer.exe (2.1.20.0)
2013-06-19 spybotsd2-translation-frx.exe
2013-06-29 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-05-16 SDFileScanLibrary.dll (2.1.18.12)
2013-05-16 SDHook32.dll (2.1.18.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2012-12-18 Includes\Adware.sbi (*)
2013-07-03 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2013-06-25 Includes\Keyloggers.sbi (*)
2012-12-18 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-06-25 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-07-04 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-06-19 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-07-03 Includes\TrojansC-03.sbi (*)
2013-03-14 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-04-19 Includes\TrojansC.sbi (*)

ken545 · Jul 9, 2013

It looks like there is just some leftover Snap Do.

When ever you download and install any programs READ READ READ what your installing, if you just keep clicking on next and not reading through the prompts sometimes you will install third party software without realizing it.

Open Internet Explorer and go to Tools > Manage Add Ons and go to Toolbars and Extensions and if you see Snap Do in there disable it. Then go to Search Providers and if Snap Do is present highlight it and remove it.

Then close out IE

You will need to download the 32 bit version of this program

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
64 Bit Version

Double-click SystemLook.exe to run it.
Copy the content of the following codebox into the main textfield:
Code:
```
:folderfind
Snap.do
:filefind
Snap.do
:regfind
Snap.do
```
Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

thomas frank mas · Jul 9, 2013

SystemLook 30.07.11 by jpshortstuff
Log created at 15:13 on 09/07/2013 by Tom
Administrator - Elevation successful

========== folderfind ==========
To download System Look was not easy at all, bacause this Pge wanted me to download several other programms. The download button was hidden!
I could not find any snap.do in the IE Tools.

Searching for "Snap.do"
No folders found.

========== filefind ==========

Searching for "Snap.do"
No files found.

========== regfind ==========

Searching for "Snap.do"
No data found.

-= EOF =-

ken545 · Jul 9, 2013

Great, looks like your ready to go, any other issues ?

Win32.Downloader found?

New member

Emeritus-Security Expert

New member

Emeritus-Security Expert

New member

Emeritus-Security Expert

New member

New member

New member

New member

New member

Emeritus-Security Expert

New member

Emeritus-Security Expert

New member

Emeritus-Security Expert

New member

Emeritus-Security Expert

New member

Emeritus-Security Expert