Trojan Dos Alureon.E was jetzt

trojansöri · 23.11.2011, 23:35

Trojan Dos Alureon.E
Habe damit ein Problem ich habe mal versucht euren anweisungen ( http://www.trojaner-board.de/105043-...r-ihn-los.html ) zu befolgen:

OTL logfile created on: 23.11.2011 23:27:37 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Christian Sörensen\Desktop
64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 60,61% Memory free
6,00 Gb Paging File | 4,61 Gb Available in Paging File | 76,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,66 Gb Total Space | 387,80 Gb Free Space | 85,48% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 70,31 Mb Free Space | 70,32% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 430,98 Gb Free Space | 92,53% Space Free | Partition Type: NTFS

Computer Name: SÖRI | User Name: Christian Sörensen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Christian Sörensen\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (IncrediMail, Ltd.)
PRC - C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe (IncrediMail, Ltd.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
PRC - C:\Windows\vsnpstd3.exe ()

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll ()
MOD - C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll ()
MOD - C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll ()
MOD - C:\Program Files (x86)\IncrediMail\bin\ImAppRU.dll ()
MOD - C:\Program Files (x86)\IncrediMail\Bin\pmc.dll ()
MOD - C:\Program Files (x86)\Yahoo!\Widgets\jsd.dll ()
MOD - C:\Program Files (x86)\Yahoo!\Widgets\js32.dll ()
MOD - C:\Program Files (x86)\Yahoo!\Widgets\sqlite3.dll ()
MOD - C:\Windows\vsnpstd3.exe ()

========== Win32 Services (SafeList) ==========

SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)

========== Driver Services (SafeList) ==========

DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (FWLANUSB) -- C:\Windows\SysNative\drivers\fwlanusb.sys (AVM GmbH)
DRV:64bit: - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\SysNative\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredimail.com/mb50?u=1036327484951307707

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (amazon) - {84B94901-3645-4D80-A6B7-4D0050B19455} - C:\PROGRA~2\teXXas\IEBUTT~1.DLL ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Users\Christian Sörensen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk = C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E01F509C-821E-43A9-8CAA-5A8E01E976AC}: DhcpNameServer = 192.168.1.1 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{964979f4-12f3-11e1-95df-4487fcf8208c}\Shell - "" = AutoRun
O33 - MountPoints2\{964979f4-12f3-11e1-95df-4487fcf8208c}\Shell\AutoRun\command - "" = L:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.11.23 23:26:26 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Christian Sörensen\Desktop\OTL.exe
[2011.11.23 23:10:18 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Desktop\tdsskiller_2.5.5.0
[2011.11.23 20:25:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.11.23 20:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.11.23 20:25:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011.11.21 18:42:12 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011.11.21 18:42:12 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2011.11.21 18:42:09 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011.11.21 18:42:08 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011.11.21 18:42:08 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011.11.21 18:42:08 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011.11.21 18:42:08 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011.11.21 18:42:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011.11.21 18:42:08 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011.11.20 23:20:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.11.20 22:44:44 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Searches
[2011.11.20 22:29:33 | 001,066,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2011.11.20 22:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SurfMusik 3.1
[2011.11.20 22:29:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SurfMusik 3.1
[2011.11.20 22:23:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011.11.20 22:16:41 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Favorites
[2011.11.20 21:29:02 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\AppData\Local\Yahoo
[2011.11.20 21:29:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Widgets
[2011.11.20 21:28:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[2011.11.20 21:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
[2011.11.20 21:15:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IncrediMail
[2011.11.20 21:12:10 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\AppData\Roaming\Canneverbe Limited
[2011.11.20 21:12:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2011.11.20 21:12:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2011.11.20 21:09:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.11.20 21:08:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2011.11.20 21:08:07 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\AppData\Local\Google
[2011.11.20 20:19:41 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.11.20 20:19:41 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.11.20 20:19:41 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.11.20 20:19:41 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.11.20 20:19:41 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.11.20 20:19:41 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.11.20 20:19:41 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.11.20 20:19:41 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.11.20 20:19:41 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.11.20 20:19:41 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.11.20 20:19:41 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.11.20 20:19:40 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.11.20 20:19:40 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.11.20 20:19:40 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.11.20 20:19:40 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.11.20 20:19:40 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.11.20 20:19:40 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.11.20 20:19:40 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.11.20 20:19:40 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.11.20 20:19:40 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.11.20 20:19:40 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.11.20 20:19:40 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.11.20 20:19:40 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.11.20 20:19:40 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.11.20 20:19:40 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.11.20 20:19:40 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.11.20 20:19:40 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.11.20 20:19:40 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.11.20 20:19:40 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.11.20 20:19:40 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.11.20 20:19:40 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.11.20 20:19:40 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.11.20 20:19:40 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.11.20 20:19:40 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.11.20 20:19:39 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.11.20 20:19:39 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.11.20 20:19:39 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.11.20 20:19:39 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.11.20 20:19:39 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.11.20 20:19:39 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.11.20 20:19:39 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.11.20 20:19:39 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.11.20 20:19:39 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.11.20 20:19:39 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.11.20 20:19:39 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.11.20 20:19:39 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.11.20 20:19:39 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.11.20 20:19:39 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.11.20 20:19:39 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.11.20 20:19:39 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.11.20 20:19:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.11.20 20:19:39 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.11.20 20:19:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.11.20 20:19:39 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.11.20 20:19:39 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.11.20 20:19:38 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.11.20 20:19:38 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.11.20 20:19:38 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.11.20 20:19:38 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.11.20 20:19:38 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.11.20 20:19:38 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.11.20 20:19:38 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.11.20 20:19:38 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.11.20 20:19:38 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.11.20 20:19:38 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.11.20 20:19:38 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.11.20 20:19:38 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.11.20 20:19:38 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.11.20 20:19:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.11.20 20:19:38 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.11.20 20:19:38 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.11.20 20:19:38 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.11.20 20:16:42 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\teXXas
[2011.11.20 20:16:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\teXXas
[2011.11.20 19:48:21 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2011.11.20 19:48:21 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2011.11.20 19:48:21 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2011.11.20 19:48:21 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2011.11.20 19:48:21 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2011.11.20 19:48:20 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2011.11.20 19:48:20 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2011.11.20 19:48:20 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2011.11.20 19:47:59 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2011.11.20 19:47:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2011.11.20 19:40:43 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011.11.20 19:40:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011.11.20 19:40:36 | 006,300,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2011.11.20 19:40:36 | 003,040,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2011.11.20 19:40:36 | 002,560,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2011.11.20 19:40:36 | 000,739,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2011.11.20 19:40:36 | 000,117,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2011.11.20 19:40:36 | 000,061,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2011.11.20 19:40:11 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.11.20 19:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011.11.20 19:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2011.11.20 19:39:29 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\AppData\Local\Conduit
[2011.11.20 19:38:53 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\AppData\Local\IM
[2011.11.20 19:38:44 | 000,000,000 | ---D | C] -- C:\ProgramData\IncrediMail
[2011.11.20 19:38:44 | 000,000,000 | ---D | C] -- C:\ProgramData\IM
[2011.11.20 19:37:43 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\AppData\Roaming\Macromedia
[2011.11.20 19:37:43 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\AppData\Roaming\Adobe
[2011.11.20 19:37:17 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.11.20 19:37:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011.11.20 19:37:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011.11.20 19:12:46 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2011.11.20 19:12:28 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011.11.20 19:12:28 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011.11.20 19:12:27 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011.11.20 19:12:27 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011.11.20 19:12:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011.11.20 19:12:27 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011.11.20 19:12:27 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011.11.20 19:12:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011.11.20 19:12:26 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011.11.20 19:12:16 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011.11.20 19:12:15 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011.11.20 19:12:11 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.11.20 19:12:11 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011.11.20 19:12:10 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011.11.20 19:12:10 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.11.20 19:12:09 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011.11.20 19:12:09 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011.11.20 19:12:09 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.11.20 19:12:09 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011.11.20 19:12:08 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011.11.20 19:12:08 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011.11.20 19:12:06 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2011.11.20 19:12:03 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2011.11.20 19:12:03 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2011.11.20 19:12:02 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2011.11.20 19:12:02 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2011.11.20 19:12:02 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2011.11.20 19:12:01 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2011.11.20 19:12:01 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2011.11.20 19:12:01 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2011.11.20 19:12:01 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2011.11.20 19:12:01 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2011.11.20 19:11:59 | 002,228,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2011.11.20 19:11:58 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2011.11.20 19:11:58 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2011.11.20 19:11:58 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2011.11.20 19:11:57 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2011.11.20 19:11:56 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2011.11.20 19:11:56 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2011.11.20 19:11:56 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2011.11.20 19:11:56 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2011.11.20 19:11:55 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2011.11.20 19:11:55 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2011.11.20 19:11:55 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2011.11.20 19:11:55 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2011.11.20 19:11:53 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2011.11.20 19:11:42 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2011.11.20 19:11:42 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2011.11.20 19:11:37 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2011.11.20 19:11:37 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2011.11.20 19:11:37 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2011.11.20 19:11:37 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2011.11.20 19:11:36 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2011.11.20 19:11:36 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2011.11.20 19:11:36 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2011.11.20 19:11:36 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2011.11.20 19:11:36 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2011.11.20 19:11:35 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2011.11.20 19:11:35 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2011.11.20 19:11:35 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2011.11.20 19:11:35 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2011.11.20 19:11:35 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2011.11.20 19:11:35 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2011.11.20 19:11:35 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2011.11.20 19:11:22 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2011.11.20 19:11:13 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.11.20 19:11:13 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.11.20 19:11:02 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2011.11.20 19:10:53 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2011.11.20 19:10:53 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2011.11.20 19:10:51 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011.11.20 19:10:51 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011.11.20 19:10:50 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011.11.20 19:10:50 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011.11.20 19:10:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011.11.20 19:10:47 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.11.20 19:10:47 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.11.20 19:10:44 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2011.11.20 19:10:33 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011.11.20 19:10:32 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011.11.20 19:10:32 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011.11.20 19:10:32 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011.11.20 19:09:49 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2011.11.20 19:09:34 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.11.20 19:09:34 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.11.20 19:09:33 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2011.11.20 19:09:33 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2011.11.20 19:09:33 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.11.20 19:09:33 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.11.20 19:09:31 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2011.11.20 19:09:31 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.11.20 19:09:31 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011.11.20 19:09:30 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2011.11.20 19:09:30 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2011.11.20 19:09:29 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2011.11.20 19:09:27 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2011.11.20 19:09:27 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2011.11.20 19:09:27 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2011.11.20 19:09:27 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2011.11.20 19:09:27 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2011.11.20 19:09:27 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.11.20 19:09:26 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.11.20 19:09:26 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2011.11.20 19:09:26 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2011.11.20 19:09:26 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2011.11.20 19:09:17 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2011.11.20 19:09:17 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2011.11.20 19:09:15 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2011.11.20 19:09:15 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011.11.20 19:08:57 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011.11.20 19:08:56 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011.11.20 19:08:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011.11.20 19:08:31 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2011.11.20 19:08:31 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2011.11.20 19:08:30 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2011.11.20 19:08:29 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2011.11.20 19:08:29 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2011.11.20 19:08:29 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2011.11.20 19:08:27 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2011.11.20 19:08:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011.11.20 19:08:12 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011.11.20 19:08:08 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011.11.20 19:08:08 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011.11.20 19:08:08 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2011.11.20 19:08:08 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011.11.20 19:08:08 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011.11.20 19:08:07 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2011.11.20 19:08:07 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2011.11.20 19:08:07 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2011.11.20 19:08:07 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2011.11.20 19:08:06 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2011.11.20 19:08:00 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2011.11.20 19:07:59 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2011.11.20 19:07:57 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2011.11.20 19:07:57 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2011.11.20 19:07:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.11.20 19:07:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.11.20 19:07:51 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2011.11.20 19:07:49 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2011.11.20 19:07:48 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2011.11.20 19:07:42 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011.11.20 19:07:41 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011.11.20 19:07:41 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011.11.20 19:07:41 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011.11.20 19:07:41 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011.11.20 19:07:41 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011.11.20 19:07:41 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011.11.20 19:07:35 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2011.11.20 19:07:33 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011.11.20 19:07:31 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.11.20 19:07:31 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.11.20 19:07:30 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.11.20 19:07:30 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.11.20 19:07:30 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.11.20 19:07:30 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.11.20 19:07:30 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011.11.20 19:07:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011.11.20 19:07:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011.11.20 19:07:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.11.20 19:07:29 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011.11.20 19:07:29 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011.11.20 19:07:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.11.20 19:07:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.11.20 19:07:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011.11.20 19:07:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011.11.20 19:07:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011.11.20 19:07:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011.11.20 19:07:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011.11.20 19:07:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011.11.20 19:07:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011.11.20 19:07:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011.11.20 19:07:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.11.20 19:07:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.11.20 19:07:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011.11.20 19:07:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011.11.20 19:07:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011.11.20 19:07:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011.11.20 19:07:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011.11.20 19:07:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011.11.20 19:07:25 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011.11.20 19:07:25 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011.11.20 19:07:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011.11.20 19:07:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011.11.20 19:07:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011.11.20 19:07:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011.11.20 19:07:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011.11.20 19:07:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011.11.20 19:07:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011.11.20 19:07:19 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2011.11.20 19:07:19 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2011.11.20 19:07:18 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011.11.20 19:07:17 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011.11.20 19:07:16 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011.11.20 19:07:16 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011.11.20 19:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011.11.20 19:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011.11.20 18:56:17 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2011.11.20 18:56:14 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011.11.20 18:56:14 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011.11.20 18:56:09 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011.11.20 18:56:09 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011.11.20 18:55:53 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2011.11.20 18:55:50 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.11.20 18:55:49 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.11.20 18:55:49 | 003,902,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.11.20 18:47:31 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.11.20 18:47:12 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2011.11.20 18:45:02 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2011.11.20 18:45:01 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2011.11.20 18:45:01 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2011.11.20 18:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
[2011.11.20 18:38:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\avmwlanstick
[2011.11.20 18:38:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVM_update
[2011.11.20 07:00:26 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011.11.20 07:00:12 | 000,000,000 | -HSD | C] -- C:\Boot
[2011.11.20 06:59:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oem
[2011.11.20 06:59:13 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2011.11.20 06:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2011.11.20 06:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2011.11.20 06:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2011.11.20 06:59:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2011.11.20 06:59:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2011.11.20 06:59:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2011.11.20 06:59:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2011.11.20 06:56:29 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\tcpip.sys.mui
[2011.11.20 06:56:29 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\bfe.dll.mui
[2011.11.20 06:56:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\scfilter.sys.mui
[2011.11.20 06:56:26 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui
[2011.11.20 06:56:14 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\pacer.sys.mui
[2011.11.20 06:56:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\ndiscap.sys.mui
[2011.11.20 06:56:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volsnap.sys.mui
[2011.11.20 06:56:07 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbport.sys.mui
[2011.11.20 06:56:07 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbhub.sys.mui
[2011.11.20 06:56:07 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2011.11.20 06:56:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vhdmp.sys.mui
[2011.11.20 06:56:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tpm.sys.mui
[2011.11.20 06:56:07 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\portcls.sys.mui
[2011.11.20 06:56:07 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\umbus.sys.mui
[2011.11.20 06:56:07 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serscan.sys.mui
[2011.11.20 06:56:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wd.sys.mui
[2011.11.20 06:55:59 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mpio.sys.mui
[2011.11.20 06:55:59 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serial.sys.mui
[2011.11.20 06:55:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\i8042prt.sys.mui
[2011.11.20 06:55:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\msdsm.sys.mui
[2011.11.20 06:55:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\sermouse.sys.mui
[2011.11.20 06:55:59 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pcmcia.sys.mui
[2011.11.20 06:55:59 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouclass.sys.mui
[2011.11.20 06:55:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\parport.sys.mui
[2011.11.20 06:55:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ataport.sys.mui
[2011.11.20 06:55:59 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scsiport.sys.mui
[2011.11.20 06:55:59 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismpx.sys.mui
[2011.11.20 06:55:59 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismp6.sys.mui
[2011.11.20 06:55:59 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouhid.sys.mui
[2011.11.20 06:55:59 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vwifibus.sys.mui
[2011.11.20 06:55:59 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\MTConfig.sys.mui
[2011.11.20 06:55:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdide.sys.mui
[2011.11.20 06:55:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\afd.sys.mui
[2011.11.20 06:55:56 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bfe.dll.mui
[2011.11.20 06:55:56 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wdf01000.sys.mui
[2011.11.20 06:55:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ws2ifsl.sys.mui
[2011.11.20 06:55:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbrpm.sys.mui
[2011.11.20 06:55:55 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tcpip.sys.mui
[2011.11.20 06:55:55 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tunnel.sys.mui
[2011.11.20 06:55:55 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\modem.sys.mui
[2011.11.20 06:55:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\srv.sys.mui
[2011.11.20 06:55:50 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fvevol.sys.mui
[2011.11.20 06:55:50 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scfilter.sys.mui
[2011.11.20 06:55:42 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pacer.sys.mui
[2011.11.20 06:55:42 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rdbss.sys.mui
[2011.11.20 06:55:42 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\RNDISMP.sys.mui
[2011.11.20 06:55:42 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\qwavedrv.sys.mui
[2011.11.20 06:55:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\partmgr.sys.mui
[2011.11.20 06:55:39 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ntfs.sys.mui
[2011.11.20 06:55:39 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndis.sys.mui
[2011.11.20 06:55:39 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\nwifi.sys.mui
[2011.11.20 06:55:39 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndisuio.sys.mui
[2011.11.20 06:55:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndiscap.sys.mui
[2011.11.20 06:55:37 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mountmgr.sys.mui
[2011.11.20 06:55:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\luafv.sys.mui
[2011.11.20 06:55:36 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ipnat.sys.mui
[2011.11.20 06:55:33 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\http.sys.mui
[2011.11.20 06:55:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fltmgr.sys.mui
[2011.11.20 06:55:29 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volmgrx.sys.mui
[2011.11.20 06:55:27 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\processr.sys.mui
[2011.11.20 06:55:27 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\intelppm.sys.mui
[2011.11.20 06:55:27 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdppm.sys.mui
[2011.11.20 06:55:27 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdk8.sys.mui
[2011.11.20 06:55:27 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2011.11.20 06:55:27 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2011.11.20 06:55:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pci.sys.mui
[2011.11.20 06:55:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthport.sys.mui
[2011.11.20 06:55:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\IPMIDrv.sys.mui
[2011.11.20 06:55:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdclass.sys.mui
[2011.11.20 06:55:27 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthpan.sys.mui
[2011.11.20 06:55:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wacompen.sys.mui
[2011.11.20 06:55:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vdrvroot.sys.mui
[2011.11.20 06:55:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\isapnp.sys.mui
[2011.11.20 06:55:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hdaudbus.sys.mui
[2011.11.20 06:55:27 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\HdAudio.sys.mui
[2011.11.20 06:55:27 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mssmbios.sys.mui
[2011.11.20 06:55:27 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hidbth.sys.mui
[2011.11.20 06:55:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ULIAGPKX.SYS.mui
[2011.11.20 06:55:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pnpmem.sys.mui
[2011.11.20 06:55:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\NV_AGP.SYS.mui
[2011.11.20 06:55:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdhid.sys.mui
[2011.11.20 06:55:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\Dot4usb.sys.mui
[2011.11.20 06:55:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\BTHUSB.SYS.mui
[2011.11.20 06:55:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\AGP440.sys.mui
[2011.11.20 06:55:27 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2011.11.20 06:55:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\disk.sys.mui
[2011.11.20 06:55:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\cdrom.sys.mui
[2011.11.20 06:55:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthenum.sys.mui
[2011.11.20 06:55:26 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ohci1394.sys.mui
[2011.11.20 06:55:26 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\1394ohci.sys.mui
[2011.11.20 06:55:26 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\acpi.sys.mui
[2011.11.20 06:55:26 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\battc.sys.mui
[2011.11.20 06:55:26 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\de-DE\atikmdag.sys.mui
[2011.11.20 06:55:26 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\UAGP35.SYS.mui
[2011.11.20 06:55:26 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\GAGP30KX.SYS.mui
[2011.11.20 00:45:24 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Documents\Vordruck-Word (Arbeitskarte)
[2011.11.20 00:45:23 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Unfallakten Flemming Sörensen
[2011.11.20 00:45:17 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Treiber & Utilties
[2011.11.20 00:45:13 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\TomTom
[2011.11.20 00:45:11 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Sozialversicherungsnachweise
[2011.11.20 00:45:10 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Schwäbisch Hall
[2011.11.20 00:45:10 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Schmid,Phillipsreut
[2011.11.20 00:45:10 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Rechnungen-Allgemein
[2011.11.20 00:45:09 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\My Widgets
[2011.11.20 00:45:09 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\My Albums
[2011.11.20 00:45:09 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Mietverträge
[2011.11.20 00:45:09 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\MAGIX_MusicEditor
[2011.11.20 00:45:09 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Kündigungsschreiben
[2011.11.20 00:45:09 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\KFZ-Steuerfestsetzung
[2011.11.20 00:45:08 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Heizung Brötje
[2011.11.20 00:45:08 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Fluid Film
[2011.11.20 00:45:08 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Finanzen Prosser-Sörensen
[2011.11.20 00:45:08 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Finanzamt
[2011.11.20 00:45:08 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Fax
[2011.11.20 00:44:24 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Documents\ebay-Gewerbe Office
[2011.11.20 00:44:22 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Documents\Dokumente-Ausweise
[2011.11.20 00:44:15 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Bundeswehr-Personalakte
[2011.11.20 00:44:15 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Bewerbungsmuster
[2011.11.20 00:44:12 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Documents\Ashampoo Videodateien DVD
[2011.11.20 00:44:12 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Arbeitsamt
[2011.11.20 00:44:11 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\AOK-Gesundheitskasse
[2011.11.20 00:44:11 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\Adressen
[2011.11.20 00:44:11 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Documents\ADAC
[2011.11.20 00:30:59 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Desktop\Aktenkoffer Register
[2011.11.20 00:18:51 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Scanned Documents
[2011.11.20 00:18:50 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Gesundheit A-Z
[2011.11.20 00:18:35 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Jeep-Community
[2011.11.20 00:18:32 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Marias Dateien
[2011.11.20 00:18:25 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\Music Samples
[2011.11.20 00:18:22 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Verknüpfungen Internetwebsites
[2011.11.19 23:12:27 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Desktop\Verknüpfungen Internetwebsites
[2011.11.19 23:00:29 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2011.11.19 23:00:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011.11.19 22:52:42 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\AppData\Local\Diagnostics
[2011.11.19 22:34:03 | 000,217,088 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysWow64\esint41.dll
[2011.11.19 22:34:03 | 000,164,864 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxuin41.dll
[2011.11.19 22:34:03 | 000,095,232 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxwia41.dll
[2011.11.19 22:34:03 | 000,004,608 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxwiaml.dll
[2011.11.19 22:34:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan
[2011.11.19 22:34:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2011.11.19 22:21:35 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\AVM_Driver
[2011.11.19 22:19:50 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.11.19 22:19:50 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.11.19 22:19:33 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\AppData\Roaming\Identities
[2011.11.19 22:19:24 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\AppData\Local\VirtualStore
[2011.11.19 22:19:00 | 000,000,000 | --SD | C] -- C:\Users\Christian Sörensen\AppData\Roaming\Microsoft
[2011.11.19 22:19:00 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Videos
[2011.11.19 22:19:00 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Pictures
[2011.11.19 22:19:00 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Music
[2011.11.19 22:19:00 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.11.19 22:19:00 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Downloads
[2011.11.19 22:19:00 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Documents
[2011.11.19 22:19:00 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\Desktop
[2011.11.19 22:19:00 | 000,000,000 | R--D | C] -- C:\Users\Christian Sörensen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\Vorlagen
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\AppData\Local\Verlauf
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\AppData\Local\Temporary Internet Files
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\Startmenü
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\SendTo
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\Recent
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\Netzwerkumgebung
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\Lokale Einstellungen
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\Documents\Eigene Videos
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\Documents\Eigene Musik
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\Eigene Dateien
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\Documents\Eigene Bilder
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\Druckumgebung
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\Cookies
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\AppData\Local\Anwendungsdaten
[2011.11.19 22:19:00 | 000,000,000 | -HSD | C] -- C:\Users\Christian Sörensen\Anwendungsdaten
[2011.11.19 22:19:00 | 000,000,000 | -H-D | C] -- C:\Users\Christian Sörensen\AppData
[2011.11.19 22:19:00 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\AppData\Local\Temp
[2011.11.19 22:19:00 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\AppData\Local\Microsoft
[2011.11.19 22:19:00 | 000,000,000 | ---D | C] -- C:\Users\Christian Sörensen\AppData\Roaming\Media Center Programs
[2011.11.19 22:18:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.11.19 22:18:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.11.19 22:18:45 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2011.11.19 22:18:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.11.19 22:18:45 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.11.19 22:18:45 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.11.19 22:18:45 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.11.19 22:18:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.11.19 22:18:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.11.19 22:04:20 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.11.19 22:01:30 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011.11.07 19:16:43 | 000,000,000 | ---D | C] -- C:\Program Files\eMachines
[2011.10.30 23:04:02 | 000,000,000 | -H-D | C] -- C:\PFiles
[2007.03.12 11:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpstd3.dll

========== Files - Modified Within 30 Days ==========

[2011.11.23 23:26:26 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Christian Sörensen\Desktop\OTL.exe
[2011.11.23 23:18:28 | 000,000,222 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\Kampf gegen Trojaner - Bin ich ihn los - Trojaner-Board.url
[2011.11.23 23:13:03 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.23 23:12:47 | 000,018,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.23 23:12:47 | 000,018,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.23 23:10:00 | 001,309,375 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\tdsskiller_2.5.5.0.zip
[2011.11.23 23:05:39 | 000,001,130 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.23 23:05:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.23 23:03:32 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.23 22:44:24 | 001,505,034 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.11.23 22:44:24 | 000,656,028 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.11.23 22:44:24 | 000,617,910 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.11.23 22:44:24 | 000,130,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.11.23 22:44:24 | 000,107,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.11.23 20:25:26 | 000,001,283 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\Spybot - Search & Destroy.lnk
[2011.11.21 22:06:37 | 000,000,000 | -H-- | M] () -- C:\Users\Christian Sörensen\Documents\Default.rdp
[2011.11.20 22:28:14 | 000,000,179 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\YouTube.url
[2011.11.20 22:26:14 | 000,000,202 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\Jeep Community.url
[2011.11.20 22:25:50 | 000,000,222 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\facebook.url
[2011.11.20 22:16:35 | 000,000,309 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\ebay.USA.url
[2011.11.20 22:16:12 | 000,000,349 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\Mein ebay.de.url
[2011.11.20 22:00:07 | 000,000,324 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\Wikipedia.url
[2011.11.20 21:59:50 | 000,000,323 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\AutoScout24.url
[2011.11.20 21:59:34 | 000,000,325 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\mobile.de.url
[2011.11.20 21:58:56 | 000,000,199 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\Postbank Online-Banking.url
[2011.11.20 21:58:40 | 000,000,257 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\Sparkasse FRG.url
[2011.11.20 21:58:00 | 000,000,312 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\VR Bank FRG.url
[2011.11.20 21:29:15 | 000,001,118 | ---- | M] () -- C:\Users\Christian Sörensen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk
[2011.11.20 21:12:04 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2011.11.20 21:09:15 | 000,002,233 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.11.20 20:50:14 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.11.20 20:19:41 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.11.20 20:19:41 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.11.20 20:19:41 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.11.20 20:19:41 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.11.20 20:19:41 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.11.20 20:19:41 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.11.20 20:19:41 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.11.20 20:19:41 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.11.20 20:19:41 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.11.20 20:19:41 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.11.20 20:19:41 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.11.20 20:19:40 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.11.20 20:19:40 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.11.20 20:19:40 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.11.20 20:19:40 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.11.20 20:19:40 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.11.20 20:19:40 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.11.20 20:19:40 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.11.20 20:19:40 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.11.20 20:19:40 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.11.20 20:19:40 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.11.20 20:19:40 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.11.20 20:19:40 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.11.20 20:19:40 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.11.20 20:19:40 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.11.20 20:19:40 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.11.20 20:19:40 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.11.20 20:19:40 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.11.20 20:19:40 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.11.20 20:19:40 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.11.20 20:19:40 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.11.20 20:19:40 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.11.20 20:19:40 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.11.20 20:19:40 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.11.20 20:19:40 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.11.20 20:19:39 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.11.20 20:19:39 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.11.20 20:19:39 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.11.20 20:19:39 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.11.20 20:19:39 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.11.20 20:19:39 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.11.20 20:19:39 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.11.20 20:19:39 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.11.20 20:19:39 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.11.20 20:19:39 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.11.20 20:19:39 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.11.20 20:19:39 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.11.20 20:19:39 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.11.20 20:19:39 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.11.20 20:19:39 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.11.20 20:19:39 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.11.20 20:19:39 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.11.20 20:19:39 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.11.20 20:19:39 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.11.20 20:19:39 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.11.20 20:19:39 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.11.20 20:19:38 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.11.20 20:19:38 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.11.20 20:19:38 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.11.20 20:19:38 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.11.20 20:19:38 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.11.20 20:19:38 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.11.20 20:19:38 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.11.20 20:19:38 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.11.20 20:19:38 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.11.20 20:19:38 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.11.20 20:19:38 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.11.20 20:19:38 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.11.20 20:19:38 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.11.20 20:19:38 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.11.20 20:19:38 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.11.20 20:19:38 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.11.20 20:19:38 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.11.20 20:19:38 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.11.20 20:16:42 | 000,001,814 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\teXXas.lnk
[2011.11.20 19:37:17 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.11.20 19:02:48 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011.11.20 19:02:04 | 001,499,556 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.11.20 07:00:14 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011.11.20 06:59:01 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2011.11.20 06:59:01 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2011.11.19 23:53:27 | 000,000,146 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\Geräte-Manager.lnk
[2011.11.19 22:34:03 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2011.11.19 22:30:26 | 000,001,250 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\System Information.lnk
[2011.11.19 22:30:04 | 000,001,322 | ---- | M] () -- C:\Users\Christian Sörensen\Desktop\Wordpad.lnk
[2011.11.19 22:05:58 | 000,054,699 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.11.19 22:05:58 | 000,054,699 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011.11.19 22:03:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

========== Files Created - No Company Name ==========

[2011.11.23 23:18:28 | 000,000,222 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\Kampf gegen Trojaner - Bin ich ihn los - Trojaner-Board.url
[2011.11.23 23:09:58 | 001,309,375 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\tdsskiller_2.5.5.0.zip
[2011.11.23 20:25:26 | 000,001,283 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\Spybot - Search & Destroy.lnk
[2011.11.21 22:06:37 | 000,000,000 | -H-- | C] () -- C:\Users\Christian Sörensen\Documents\Default.rdp
[2011.11.20 22:29:33 | 000,006,114 | ---- | C] () -- C:\Windows\SysWow64\SHELLLNK.TLB
[2011.11.20 22:28:14 | 000,000,179 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\YouTube.url
[2011.11.20 22:15:22 | 000,000,236 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\Wetter Hinterschmiding.url
[2011.11.20 22:15:09 | 000,000,349 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\Mein ebay.de.url
[2011.11.20 22:15:02 | 000,000,185 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\login.LTE Vodafone.url
[2011.11.20 22:14:52 | 000,000,309 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\ebay.USA.url
[2011.11.20 22:07:07 | 000,000,202 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\Jeep Community.url
[2011.11.20 22:02:05 | 000,000,222 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\facebook.url
[2011.11.20 21:29:15 | 000,001,118 | ---- | C] () -- C:\Users\Christian Sörensen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk
[2011.11.20 21:15:38 | 000,002,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
[2011.11.20 21:12:04 | 000,001,974 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2011.11.20 21:12:04 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2011.11.20 21:09:15 | 000,002,233 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.11.20 21:08:17 | 000,001,134 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.20 21:08:16 | 000,001,130 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.20 20:19:40 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.11.20 20:19:38 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.11.20 20:16:42 | 000,001,814 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\teXXas.lnk
[2011.11.20 19:02:48 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011.11.20 19:02:04 | 001,499,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.11.20 19:01:40 | 000,001,918 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011.11.20 07:00:12 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2011.11.20 06:59:59 | 000,000,025 | RH-- | C] () -- C:\Windows\DELL_version
[2011.11.20 06:59:38 | 000,656,028 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2011.11.20 06:59:38 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2011.11.20 06:59:38 | 000,130,800 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2011.11.20 06:59:38 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2011.11.20 00:30:59 | 000,000,325 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\mobile.de.url
[2011.11.20 00:30:59 | 000,000,324 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\Wikipedia.url
[2011.11.20 00:30:59 | 000,000,323 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\AutoScout24.url
[2011.11.20 00:30:59 | 000,000,312 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\VR Bank FRG.url
[2011.11.20 00:30:59 | 000,000,286 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\PayPal-Konto.url
[2011.11.20 00:30:59 | 000,000,257 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\Sparkasse FRG.url
[2011.11.20 00:30:59 | 000,000,199 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\Postbank Online-Banking.url
[2011.11.20 00:30:59 | 000,000,123 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\Heizölpreise - TECSON.url
[2011.11.19 23:53:27 | 000,000,146 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\Geräte-Manager.lnk
[2011.11.19 22:34:03 | 000,064,000 | ---- | C] () -- C:\Windows\SysNative\esfw41.bin
[2011.11.19 22:34:03 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2011.11.19 22:30:26 | 000,001,250 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\System Information.lnk
[2011.11.19 22:30:04 | 000,001,322 | ---- | C] () -- C:\Users\Christian Sörensen\Desktop\Wordpad.lnk
[2011.11.19 22:20:01 | 000,001,430 | ---- | C] () -- C:\Users\Christian Sörensen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.11.19 22:19:52 | 000,001,464 | ---- | C] () -- C:\Users\Christian Sörensen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.11.19 22:05:46 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011.11.19 22:05:34 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011.11.19 22:03:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.09.19 09:07:28 | 000,827,392 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2004.02.27 16:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini

< End of report >

kira · 24.11.2011, 08:31

Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:

Zitat:

"Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
- da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
- also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
Charakteristische Merkmale/Profilinformationen:
- aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
Die Systemprüfung und Bereinigung:
- kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
Innerhalb der Betreuungszeit:
- ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
Die Reihenfolge:
- genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
Ansonsten unsere Forumsregeln:
- Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen

► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

► Falls es Meldung/Bericht von deinem Antivirenprogramm oder andere Schutzprogramme gibt, bitte posten! Was gefunden und vor allem wo...
► Beschreibe, welche Versuche du unternommen hast, um das Problem zu lösen (die schon vorhandenen Ergebnisse auch posten z.B TDSSKiller von Kaspersky...andere)

1.

Zitat:

Spybot

- würde ich nicht mehr empfehlen, da erfüllt nicht die neue Schutzanforderungen und Lösungen Schutz vor Malware bzw gegenüber ganz neuen Herausforderungen arbeitet nicht zufriedenstellend
meiner Meinung nach bietet nicht mehr ausreichenden Schutz gegen "moderne Malwarearten"...
► Falls Du doch es behalten möchtest:
Stelle bitte den TeaTimer ab:
Gehe bei Spybot-S&D in den Erweiterten Modus und wähle dort Werkzeuge -> Resident.
Deaktiviere hier den "Resident TeaTimer aktiv".
(Tea Timer versucht positive änderungen auch zu blockieren) - soll für immer deaktiviert bleiben!

2.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org

Installieren und per Doppelklick starten.
Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
"Komplett Scan durchführen" wählen (überall Haken setzen)
wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"

eine bebilderte Anleitung findest Du hier: Anleitung

3.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

4
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool CCleaner herunter
→ Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ Sprache → Deutsch auswählen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

5.
MBR mit aswMBR von Avast prüfen

Lade aswMBR.exe von Avast herunter und speichere das Tool auf deinem Desktop (nicht woanders hin).
XP Benutzer: Doppelklick auf die aswMBR.exe, um das Tool zu starten.
Vista und Windows 7 Benutzer: Rechtsklick auf die aswMBR.exe und Als Administrator starten wählen.
Es wird sich ein Eingabe-Fenster mit einigen Angaben öffnen.

Klicke Scan, um den Suchlauf zu starten.

Wenn der Scan beendet ist, was mit Scan finished sucessfull! gemeldet wird, klicke Save log, um das Logfile zu speichern.
Poste mir den Inhalt von aswASW.log vom Desktop hier in den Thread.

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles, die Du posten möchtest)[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

gruß
kira

Trojan Dos Alureon.E was jetzt

Log-Analyse und Auswertung: Trojan Dos Alureon.E was jetzt

Trojan Dos Alureon.E was jetzt

Trojan Dos Alureon.E was jetzt

Ähnliche Themen: Trojan Dos Alureon.E was jetzt