Vilsel.aejm u.a./Antivir u. Spybot versagen

myrtille · 26.05.2010, 11:23

Hi,

jein. Das sind die 2. häufigsten Optionen wenn man einen nicht Standardcode im MBR vorfindet.

Kannst du bitte bootkit_remover herunterladen. Entpacke den Bootkitremover bitte und doppelklick in dem ordner auf remove.exe.
Ein schwarzes Fenster wird sich öffnen und automatisch nach bösartigen Veränderungen im MBR suchen.

Sag mir dann bitte Bescheid ob es Veränderungen gibt und wenn ja in welchem device.

MfG myrtille

resistance01 · 26.05.2010, 19:17

Er findet:

C: Physical Drive0
MD5: 274955059efe9236c07688c5ff9242b2

Physical Drive0 Unknown Boot code

Unknown boot code has been found...

Hier noch das Log des OTLPE-Scans vom REATOGO-CD-Start:

OTL logfile created on: 5/26/2010 9:35:07 PM - Run
OTLPE by OldTimer - Version 3.1.39.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.5512)
Locale: | Country: | Language: | Date Format:

1,023.00 Mb Total Physical Memory | 791.00 Mb Available Physical Memory | 77.00% Memory free
906.00 Mb Paging File | 829.00 Mb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 1533 1533 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 111.79 Gb Total Space | 30.83 Gb Free Space | 27.58% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive X: | 280.77 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO
Current User Name: SYSTEM
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = All Days
Output = Minimal
Using ControlSet: ControlSet006

========== Win32 Services (SafeList) ==========

SRV - (StarWindServiceAE) -- File not found
SRV - (gusvc) -- File not found
SRV - (IBMPMSVC) -- C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo.)
SRV - (SUService) -- C:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited)
SRV - (TVT Scheduler) -- C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe (Lenovo Group Limited)
SRV - (ThinkVantage Registry Monitor Service) -- C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited)
SRV - (QCONSVC) -- C:\WINDOWS\system32\QCONSVC.EXE ()
SRV - (S24EventMonitor) -- C:\WINDOWS\system32\S24EvMon.exe (Intel Corporation )
SRV - (RegSrvc) -- C:\WINDOWS\system32\RegSrvc.exe (Intel Corporation)
SRV - (SoundMAX Agent Service (default)) -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)

========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (SANDRA) -- File not found
DRV - (PMEM) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (PcdrNt) -- File not found
DRV - (PCDRDRV) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- File not found
DRV - (BTWDNDIS) -- File not found
DRV - (BTDriver) -- File not found
DRV - (AgereSoftModem) -- File not found
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (ACEDRV08) -- C:\WINDOWS\system32\drivers\ACEDRV08.sys (Protect Software GmbH)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (IBMPMDRV) -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys (Lenovo.)
DRV - (mcdbus) -- C:\WINDOWS\system32\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (NSCIRDA) -- C:\WINDOWS\system32\drivers\nscirda.sys (National Semiconductor Corporation)
DRV - (amdagp) -- C:\WINDOWS\System32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\System32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (SSHDRV84) -- C:\WINDOWS\system32\drivers\SSHDRV84.sys ()
DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (IBMTPCHK) -- C:\WINDOWS\system32\drivers\IBMBLDID.SYS ()
DRV - (w70n51) Intel(R) -- C:\WINDOWS\system32\drivers\w70n51.sys (Intel® Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (TSMAPIP) -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS ()
DRV - (Smapint) -- C:\WINDOWS\system32\drivers\SMAPINT.SYS (Microsoft Corporation)
DRV - (TDSMAPI) -- C:\WINDOWS\system32\drivers\TDSMAPI.SYS ()
DRV - (TPHKDRV) -- C:\WINDOWS\system32\drivers\TPHKDRV.sys (IBM Corporation)
DRV - (gv3) -- C:\WINDOWS\system32\drivers\gv3.sys (Microsoft Corporation)
DRV - (S3SSavage) -- C:\WINDOWS\system32\drivers\s3ssavm.sys (S3 Graphics, Inc.)
DRV - (CmdIde) -- C:\WINDOWS\System32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\System32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\System32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\System32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\System32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\System32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\System32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\System32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\System32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\System32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (TwoTrack) -- C:\WINDOWS\system32\drivers\TwoTrack.sys (IBM Corporation)
DRV - (ac97intc) Intel(r) 82801 Audiotreiber-Installationsdienst (WDM) -- C:\WINDOWS\system32\drivers\ac97intc.sys (Intel Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Customer_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.mini20.com
IE - HKU\Customer_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\Customer_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010/03/18 04:31:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010/05/17 10:58:10 | 000,000,000 | ---D | M]

[2010/05/25 09:37:26 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010/05/17 10:58:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/12 11:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/03/13 15:47:51 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/03/13 15:47:51 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/03/13 15:47:52 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/03/13 15:47:52 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/03/13 15:47:52 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010/05/18 12:37:12 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [S3TRAY2] C:\WINDOWS\System32\S3Tray2.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\Customer_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Customer_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Customer_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1274171294682 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Programme\SUPERAntiSpyware\SASWINLO.dll - C:\Programme\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/21 03:08:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within All Days ==========

[2010/05/25 09:32:47 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/05/20 15:11:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Customer\Eigene Dateien\Temp
[2010/05/18 12:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\(null)
[2010/05/18 08:42:14 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/05/18 08:40:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/05/18 08:40:34 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/05/18 08:40:34 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/05/18 08:40:34 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/05/18 08:40:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/05/18 08:40:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/05/18 07:54:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/05/18 05:37:50 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010/05/18 05:14:33 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010/05/18 05:12:23 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/05/18 05:11:08 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/05/18 05:10:19 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2010/05/18 05:08:55 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2010/05/18 05:08:55 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2010/05/18 05:08:33 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/05/18 04:54:56 | 000,737,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2010/05/18 04:54:55 | 002,148,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/05/18 04:54:54 | 002,027,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/05/18 04:51:47 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2010/05/18 04:51:36 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2010/05/18 04:51:19 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010/05/18 04:49:51 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/05/18 04:49:43 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2010/05/18 04:28:51 | 000,015,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2010/05/18 03:32:57 | 001,285,632 | ---- | C] (Analog Devices) -- C:\WINDOWS\System32\SMMedia.dll
[2010/05/18 03:32:57 | 000,030,208 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\wdmioctl.dll
[2010/05/18 03:32:56 | 000,049,152 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe
[2010/05/18 03:32:56 | 000,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
[2010/05/18 03:32:22 | 000,035,176 | ---- | C] (Lenovo.) -- C:\WINDOWS\System32\tpinspm.dll
[2010/05/18 03:14:49 | 000,021,376 | ---- | C] (Lenovo (United States) Inc.) -- C:\WINDOWS\System32\drivers\psadd.sys
[2010/05/17 10:58:10 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/05/17 10:58:10 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/05/17 10:58:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/05/17 10:58:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/05/17 09:18:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010/05/17 03:04:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010/05/17 02:41:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/17 02:41:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/05/14 19:59:56 | 000,000,000 | ---D | C] -- C:\Settings
[2010/05/05 10:17:51 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Customer\Eigene Dateien\Eigene Videos
[2010/04/26 18:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
[2010/04/06 14:24:58 | 000,396,288 | ---- | C] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\Customer\Desktop\HijackThis.exe
[2010/04/06 13:52:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/04/06 08:17:43 | 000,108,768 | ---- | C] (Protect Software GmbH) -- C:\WINDOWS\System32\drivers\ACEDRV08.sys
[2010/03/25 08:42:43 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2010/03/10 12:51:04 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010/03/10 00:33:52 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2010/03/10 00:33:47 | 001,025,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2010/03/08 13:59:18 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2010/02/26 01:41:12 | 000,672,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2010/02/26 01:41:11 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2010/02/26 01:41:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
[2010/02/26 01:41:09 | 003,094,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2010/02/26 01:41:06 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2010/02/26 01:41:06 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2010/02/19 15:27:36 | 000,720,384 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivX.dll
[2010/02/19 15:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll
[2010/02/19 15:27:16 | 000,856,064 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll
[2010/02/19 15:27:16 | 000,847,872 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0a.dll
[2010/02/19 15:27:16 | 000,843,776 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx16.dll
[2010/02/19 15:27:16 | 000,839,680 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll
[2010/02/12 00:33:08 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2010/01/29 10:59:30 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/01/13 10:00:09 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2009/12/24 02:59:41 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2009/12/17 03:40:01 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009/12/14 03:08:20 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll
[2009/12/08 05:23:28 | 000,474,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2009/11/27 13:11:57 | 001,297,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quartz.dll
[2009/11/27 13:11:57 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll
[2009/11/27 12:08:01 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll
[2009/11/27 12:08:01 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll
[2009/11/27 12:08:01 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidc32.dll
[2009/11/27 12:08:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrle32.dll
[2009/11/27 12:08:01 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll
[2009/11/19 15:12:08 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/11/17 14:59:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\uninstall
[2009/10/31 11:37:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2009/10/13 06:32:34 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll
[2009/10/12 09:38:18 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll
[2009/10/12 09:38:18 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll
[2009/10/10 13:09:07 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/10/05 09:45:44 | 000,116,736 | ---- | C] (MagicISO, Inc.) -- C:\WINDOWS\System32\drivers\mcdbus.sys
[2009/10/05 08:37:54 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2009/10/05 04:05:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Profiles
[2009/10/05 03:49:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/10/01 17:00:35 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2009/10/01 17:00:35 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2009/10/01 17:00:34 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2009/10/01 17:00:34 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2009/10/01 17:00:33 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2009/10/01 17:00:33 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2009/10/01 17:00:33 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2009/09/10 10:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\save$$updater
[2009/09/09 14:55:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\BricoPacks
[2009/09/09 14:36:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\VIRepair
[2009/09/09 05:43:19 | 000,019,968 | ---- | C] (Dead Knight) -- C:\WINDOWS\System32\reico.exe
[2009/09/09 05:43:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\VITrans
[2009/09/07 03:11:20 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/09/07 03:10:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2009/09/07 02:59:03 | 002,068,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe.zottel
[2009/09/07 02:59:02 | 002,191,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe.zottel
[2009/09/07 02:20:02 | 000,018,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/09/04 17:03:28 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll
[2009/08/27 14:20:42 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2009/08/27 14:20:42 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2009/08/27 14:20:42 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2009/08/27 14:20:41 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2009/08/27 14:20:41 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2009/08/27 14:20:41 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009/08/27 14:20:40 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2009/08/27 14:20:40 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2009/08/27 14:20:40 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2009/08/27 14:20:39 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2009/08/27 14:20:39 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2009/08/27 14:20:39 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2009/08/27 14:20:39 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2009/08/27 14:20:38 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2009/08/27 14:20:38 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2009/08/27 14:20:38 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2009/08/27 14:20:37 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2009/08/27 14:20:37 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2009/08/27 14:20:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2009/08/27 14:20:36 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2009/08/27 14:20:36 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009/08/27 14:20:36 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009/08/27 14:20:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009/08/27 14:20:35 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009/08/27 14:20:34 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009/08/27 14:20:34 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009/08/27 14:20:34 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009/08/27 14:20:34 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009/08/27 14:20:33 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009/08/27 14:20:33 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009/08/27 14:20:32 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009/08/27 14:20:32 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009/08/27 14:20:32 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009/08/27 14:20:31 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2009/08/27 14:20:31 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2009/08/27 14:20:31 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2009/08/27 14:20:30 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2009/08/27 14:20:29 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2009/08/27 14:20:29 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2009/08/27 14:20:29 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2009/08/27 14:20:29 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2009/08/27 14:20:28 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2009/08/27 14:20:28 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2009/08/27 14:20:28 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2009/08/27 14:20:28 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2009/08/27 14:20:27 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009/08/27 14:20:26 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2009/08/27 14:20:25 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2009/08/27 14:20:21 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2009/08/27 14:20:21 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2009/08/27 14:20:18 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2009/08/27 14:20:17 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2009/08/27 14:20:17 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2009/08/27 14:20:17 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2009/08/27 14:20:16 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2009/08/27 14:20:16 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2009/08/27 14:20:16 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2009/08/27 14:20:16 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2009/08/27 14:20:16 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2009/08/27 14:20:15 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2009/08/27 14:20:15 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2009/08/27 14:20:15 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2009/08/27 14:20:15 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2009/08/27 14:20:14 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2009/08/27 14:20:14 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2009/08/27 14:20:14 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2009/08/27 14:20:14 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2009/08/27 14:20:13 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2009/08/27 14:20:13 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2009/08/27 14:20:13 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2009/08/27 14:20:12 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2009/08/27 14:20:10 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2009/08/27 14:20:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/08/26 16:37:12 | 000,721,904 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd[xyz].sys
[2009/08/26 15:13:29 | 000,125,424 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe
[2009/08/26 15:13:29 | 000,123,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe
[2009/08/15 20:41:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/08/15 19:25:29 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2009/08/15 19:25:29 | 000,068,080 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2009/08/15 19:25:29 | 000,068,080 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2009/08/15 19:25:29 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2009/08/15 19:25:29 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2009/08/15 19:25:28 | 002,083,312 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2009/08/15 19:25:28 | 000,133,616 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2009/08/15 18:35:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Customer\Eigene Dateien\Downloads
[2009/08/15 18:23:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2009/08/15 18:23:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009/08/15 18:08:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/08/15 18:06:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/08/15 18:02:33 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2009/08/15 17:57:11 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/08/15 17:57:05 | 001,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/08/15 17:57:04 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/08/15 17:31:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/08/15 17:23:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de
[2009/08/15 17:23:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2009/08/15 17:23:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2009/08/15 17:23:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/08/15 17:17:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009/08/15 17:08:27 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax
[2009/08/15 17:08:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll
[2009/08/15 17:08:26 | 002,458,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMVCore.dll
[2009/08/15 17:08:26 | 001,329,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMSPDMOE.dll
[2009/08/15 17:08:26 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll
[2009/08/15 17:08:26 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll
[2009/08/15 17:08:26 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax
[2009/08/15 17:08:26 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll
[2009/08/15 17:08:26 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll
[2009/08/15 17:08:25 | 008,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmploc.dll
[2009/08/15 17:08:25 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll
[2009/08/15 17:08:25 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2009/08/15 17:08:25 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2009/08/15 17:08:25 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll
[2009/08/15 17:08:25 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll
[2009/08/15 17:08:25 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2009/08/15 17:08:25 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/08/15 17:08:25 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll
[2009/08/15 17:08:25 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll
[2009/08/15 17:08:25 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll
[2009/08/15 17:08:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll
[2009/08/15 17:08:24 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll
[2009/08/15 17:08:24 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx
[2009/08/15 17:08:23 | 010,841,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.dll
[2009/08/15 17:08:23 | 000,938,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMNetmgr.dll
[2009/08/15 17:08:22 | 001,117,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMADMOE.dll
[2009/08/15 17:08:22 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMADMOD.dll
[2009/08/15 17:08:22 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll
[2009/08/15 17:08:22 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll
[2009/08/15 17:08:22 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll
[2009/08/15 17:08:22 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll
[2009/08/15 17:08:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll
[2009/08/15 17:08:21 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/08/15 17:08:19 | 000,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2009/08/15 17:08:19 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2009/08/15 17:08:13 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2009/08/15 17:08:12 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/08/15 17:08:04 | 000,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2009/08/15 17:07:58 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2009/08/15 17:07:55 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll
[2009/08/15 17:07:48 | 001,678,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/08/15 17:07:48 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/08/15 17:07:38 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/08/15 17:07:34 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/08/15 17:07:32 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/08/15 17:07:31 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/08/15 17:07:30 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/08/15 17:07:28 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2009/08/15 17:07:22 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/08/15 17:07:10 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2009/08/15 17:07:10 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2009/08/15 17:07:10 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2009/08/15 17:07:02 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/08/15 17:07:02 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/08/15 17:07:02 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/08/15 17:06:58 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/08/15 17:06:58 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2009/08/15 17:06:58 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2009/08/15 17:06:56 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswmdm.dll
[2009/08/15 17:06:53 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/08/15 17:06:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/08/15 17:06:52 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscp.dll
[2009/08/15 17:06:52 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscds32.ax
[2009/08/15 17:06:51 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsp.dll
[2009/08/15 17:06:50 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsnsv.dll
[2009/08/15 17:06:44 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnetobj.dll
[2009/08/15 17:06:35 | 000,004,126 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2009/08/15 17:06:34 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll
[2009/08/15 17:06:34 | 000,847,898 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2009/08/15 17:06:34 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCP71.dll
[2009/08/15 17:06:31 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2009/08/15 17:06:30 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax
[2009/08/15 17:06:29 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2009/08/15 17:06:29 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2009/08/15 17:06:29 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/08/15 17:06:29 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/08/15 17:06:29 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\MPG4DMOD.dll
[2009/08/15 17:06:29 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\MP4SDMOD.dll
[2009/08/15 17:06:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\MP43DMOD.dll
[2009/08/15 17:06:24 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/08/15 17:06:24 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009/08/15 17:06:24 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009/08/15 17:06:24 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009/08/15 17:06:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/08/15 17:06:21 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logagent.exe
[2009/08/15 17:06:20 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\LAPRXY.dll
[2009/08/15 17:06:17 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2009/08/15 17:06:17 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/08/15 17:06:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009/08/15 17:06:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009/08/15 17:06:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009/08/15 17:06:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009/08/15 17:06:11 | 000,144,384 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2009/08/15 17:06:09 | 000,500,278 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2009/08/15 17:06:09 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/08/15 17:06:09 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/08/15 17:06:09 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/08/15 17:06:09 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/08/15 17:06:09 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/08/15 17:06:09 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/08/15 17:06:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/08/15 17:06:08 | 000,991,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmv2clt.dll
[2009/08/15 17:06:08 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/08/15 17:06:08 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmclien.dll
[2009/08/15 17:06:08 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmstor.dll
[2009/08/15 17:06:08 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/08/15 17:06:08 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/08/15 17:06:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/08/15 17:06:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/08/15 17:06:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/08/15 17:06:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/08/15 17:06:08 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/08/15 17:06:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2009/08/15 17:06:05 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blackbox.dll
[2009/08/15 17:06:05 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cewmdm.dll
[2009/08/15 17:06:05 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/08/15 17:06:04 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/08/15 17:06:02 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asferror.dll
[2009/08/15 17:06:01 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/08/15 16:19:44 | 000,023,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2009/08/15 16:19:43 | 000,018,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2009/08/15 16:19:43 | 000,015,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2009/08/14 11:10:16 | 001,850,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2009/08/05 04:59:36 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2009/07/19 12:41:10 | 011,067,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/07/17 15:01:06 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll
[2009/07/17 12:15:43 | 001,441,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll
[2009/06/25 04:25:23 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kerberos.dll
[2009/06/25 04:25:23 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msv1_0.dll
[2009/06/25 04:25:23 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdigest.dll
[2009/06/24 07:18:41 | 000,092,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksecdd.sys
[2009/06/15 06:43:59 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe
[2009/06/15 06:43:57 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsess.exe
[2009/06/12 04:21:58 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71u.dll
[2009/06/10 03:19:38 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2009/06/10 02:14:21 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wkssvc.dll
[2004/07/25 20:16:40 | 000,135,168 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll

resistance01 · 26.05.2010, 19:45

Teil zwo des Logs:

========== Files - Modified Within All Days ==========

[2010/05/26 14:20:23 | 000,233,472 | -H-- | M] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2010/05/26 14:20:23 | 000,233,472 | -H-- | M] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2010/05/26 14:20:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/26 14:20:20 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/26 14:20:17 | 009,699,328 | -H-- | M] () -- C:\Dokumente und Einstellungen\Customer\NTUSER.DAT
[2010/05/26 14:20:17 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Customer\ntuser.ini
[2010/05/26 14:20:15 | 003,732,184 | -H-- | M] () -- C:\Dokumente und Einstellungen\Customer\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010/05/26 14:06:40 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/26 14:00:20 | 1072,676,864 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/25 09:32:48 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/05/19 16:20:51 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/05/19 16:13:13 | 003,692,000 | R--- | M] () -- C:\Dokumente und Einstellungen\Customer\Desktop\cofi.exe
[2010/05/19 11:56:18 | 000,000,537 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/05/19 11:56:18 | 000,000,281 | RHS- | M] () -- C:\BOOT.INI
[2010/05/19 11:55:50 | 000,952,762 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/19 11:55:50 | 000,411,840 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010/05/19 11:55:50 | 000,397,894 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/05/19 11:55:50 | 000,072,886 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010/05/19 11:55:50 | 000,060,114 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/05/19 11:50:41 | 002,656,656 | -H-- | M] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010/05/19 11:50:25 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.ini
[2010/05/19 08:42:13 | 000,001,685 | ---- | M] () -- C:\Dokumente und Einstellungen\Customer\Desktop\VirusTotal Uploader 2.0.lnk
[2010/05/18 17:09:07 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.ini
[2010/05/18 12:37:12 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/05/18 06:08:18 | 000,122,136 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/18 05:49:08 | 000,103,936 | ---- | M] () -- C:\Dokumente und Einstellungen\Customer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/18 02:59:52 | 000,020,392 | ---- | M] () -- C:\Dokumente und Einstellungen\Customer\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010/05/17 17:36:20 | 000,000,916 | ---- | M] () -- C:\Dokumente und Einstellungen\Customer\Desktop\Spybot - Search & Destroy.lnk
[2010/05/17 17:07:59 | 000,000,210 | ---- | M] () -- C:\Boot.bak
[2010/05/17 09:54:35 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Customer\Desktop\Arbeitsplatz.lnk
[2010/05/17 03:01:19 | 000,001,523 | ---- | M] () -- C:\Dokumente und Einstellungen\Customer\Desktop\CCleaner.lnk
[2010/05/01 06:44:16 | 000,000,748 | ---- | M] () -- C:\WINDOWS\Rollemup.ini
[2010/04/29 06:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 06:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/26 18:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
[2010/04/26 09:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010/04/12 11:29:27 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/04/12 11:29:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/04/12 11:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/04/12 11:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/04/12 09:19:02 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/04/06 14:24:59 | 000,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\Customer\Desktop\HijackThis.exe
[2010/04/06 13:47:51 | 000,385,986 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100517-233958.backup
[2010/04/06 08:17:43 | 000,108,768 | ---- | M] (Protect Software GmbH) -- C:\WINDOWS\System32\drivers\ACEDRV08.sys
[2010/04/06 06:44:47 | 000,001,561 | ---- | M] () -- C:\Dokumente und Einstellungen\Customer\Desktop\Frag doch mal.lnk
[2010/03/30 21:58:04 | 002,083,312 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2010/03/30 21:58:04 | 000,678,384 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2010/03/30 21:58:04 | 000,559,600 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2010/03/30 21:58:04 | 000,440,816 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2010/03/30 21:58:04 | 000,219,632 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2010/03/30 21:58:04 | 000,133,616 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2010/03/30 21:58:04 | 000,125,424 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe
[2010/03/30 21:58:04 | 000,123,888 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe
[2010/03/30 21:58:04 | 000,100,848 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\VXBLOCK.dll
[2010/03/30 21:58:04 | 000,072,176 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2010/03/30 21:58:04 | 000,068,080 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2010/03/30 21:58:04 | 000,068,080 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2010/03/27 07:22:11 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2010/03/27 07:15:24 | 000,000,301 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010/03/27 07:00:51 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/26 10:05:55 | 000,002,953 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/03/26 09:58:29 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2010/03/26 09:38:51 | 000,451,072 | ---- | M] () -- C:\WINDOWS\Radeon Omega Drivers v3.8.252 Uninstall.exe
[2010/03/26 09:08:24 | 000,004,396 | ---- | M] () -- C:\Programme\DRIVEINSTALL.INI
[2010/03/10 00:33:52 | 001,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2010/03/10 00:33:47 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2010/03/09 07:09:28 | 000,430,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vbscript.dll
[2010/03/09 07:09:28 | 000,430,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2010/03/08 13:59:18 | 000,094,208 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2010/03/05 05:36:58 | 000,380,339 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100406-194751.backup
[2010/02/26 01:41:12 | 000,672,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2010/02/26 01:41:11 | 000,628,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2010/02/26 01:41:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
[2010/02/26 01:41:09 | 003,094,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2010/02/26 01:41:06 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2010/02/26 01:41:06 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2010/02/26 01:41:06 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2010/02/26 01:41:06 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2010/02/26 01:31:47 | 000,371,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2010/02/24 09:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/02/20 12:40:24 | 000,002,680 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2010/02/20 12:40:24 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2010/02/19 15:27:36 | 000,720,384 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivX.dll
[2010/02/19 15:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0c.dll
[2010/02/19 15:27:16 | 000,856,064 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx07.dll
[2010/02/19 15:27:16 | 000,847,872 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx0a.dll
[2010/02/19 15:27:16 | 000,843,776 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx16.dll
[2010/02/19 15:27:16 | 000,839,680 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\divx_xx11.dll
[2010/02/17 08:04:26 | 002,192,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2010/02/17 08:04:26 | 002,192,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/02/16 15:04:25 | 002,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2010/02/16 15:04:25 | 002,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2010/02/16 15:04:17 | 002,148,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/02/16 15:04:17 | 002,027,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/02/12 06:03:03 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010/02/12 00:33:08 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys
[2010/01/29 10:59:30 | 000,691,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/01/29 10:43:35 | 000,307,260 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codeca.acm
[2010/01/29 10:43:35 | 000,143,422 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codecx.ax
[2010/01/13 10:00:09 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2009/12/31 12:50:03 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/12/24 02:59:41 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2009/12/20 15:28:02 | 000,366,547 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100305-103658.backup
[2009/12/17 03:40:01 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/12/17 03:40:01 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009/12/14 03:08:20 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll
[2009/12/14 03:08:20 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\csrsrv.dll
[2009/12/08 05:23:28 | 000,474,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2009/12/02 17:37:18 | 000,000,034 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2009/11/27 13:11:57 | 001,297,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\quartz.dll
[2009/11/27 13:11:57 | 001,297,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quartz.dll
[2009/11/27 13:11:57 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll
[2009/11/27 12:08:01 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll
[2009/11/27 12:08:01 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\avifil32.dll
[2009/11/27 12:08:01 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll
[2009/11/27 12:08:01 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidc32.dll
[2009/11/27 12:08:01 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrle32.dll
[2009/11/27 12:08:01 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll
[2009/11/21 11:54:48 | 001,206,508 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009/11/21 11:54:17 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/11/18 08:04:22 | 000,035,176 | ---- | M] (Lenovo.) -- C:\WINDOWS\System32\tpinspm.dll
[2009/11/18 08:04:18 | 000,038,248 | ---- | M] (Lenovo.) -- C:\WINDOWS\System32\ibmpmsvc.exe
[2009/11/18 08:03:36 | 000,026,608 | ---- | M] (Lenovo.) -- C:\WINDOWS\System32\drivers\ibmpmdrv.sys
[2009/10/26 13:53:37 | 000,347,237 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091220-202802.backup
[2009/10/25 00:11:34 | 000,077,312 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2009/10/23 11:28:37 | 003,558,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2009/10/15 12:28:24 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\t2embed.dll
[2009/10/15 12:28:24 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2009/10/15 12:28:24 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fontsub.dll
[2009/10/15 12:28:24 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2009/10/14 20:30:31 | 000,344,149 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091026-185336.backup
[2009/10/14 15:40:40 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/10/13 12:20:14 | 000,000,575 | ---- | M] () -- C:\Dokumente und Einstellungen\Customer\Desktop\emule.lnk
[2009/10/13 06:32:34 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\oakley.dll
[2009/10/13 06:32:34 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll
[2009/10/12 09:38:18 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\rastls.dll
[2009/10/12 09:38:18 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll
[2009/10/12 09:38:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\raschap.dll
[2009/10/12 09:38:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll
[2009/10/10 13:58:07 | 000,343,775 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091015-023030.backup
[2009/10/05 05:07:49 | 000,338,223 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091010-195807.backup
[2009/10/01 20:26:57 | 000,338,223 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091005-110749.backup
[2009/10/01 16:05:27 | 000,000,141 | ---- | M] () -- C:\Dokumente und Einstellungen\Customer\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/09/11 10:17:01 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msv1_0.dll
[2009/09/10 10:13:50 | 000,329,969 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20091002-022657.backup
[2009/09/09 14:57:41 | 000,060,287 | ---- | M] () -- C:\WINDOWS\BricoPackUninst.cmd
[2009/09/09 14:57:41 | 000,005,334 | ---- | M] () -- C:\WINDOWS\BricoPackFoldersDelete.cmd
[2009/09/09 14:57:26 | 002,359,350 | ---- | M] () -- C:\WINDOWS\BricoPack Wallpaper.bmp
[2009/09/09 14:57:21 | 000,000,764 | ---- | M] () -- C:\Dokumente und Einstellungen\Customer\Startmenü\Programme\Autostart\RocketDock.lnk
[2009/09/09 05:43:32 | 000,078,942 | ---- | M] () -- C:\WINDOWS\Icon_1.ico
[2009/09/07 02:19:45 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/09/07 02:19:45 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/09/04 17:03:28 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll
[2009/09/04 11:44:40 | 000,515,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2009/09/04 11:44:40 | 000,238,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2009/09/04 11:44:40 | 000,069,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009/09/04 11:29:34 | 000,453,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2009/09/04 11:29:34 | 000,235,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2009/09/04 11:29:32 | 005,501,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2009/09/04 11:29:32 | 001,974,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2009/09/04 11:29:30 | 001,892,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2009/09/01 15:34:53 | 000,326,007 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090910-161350.backup
[2009/08/27 13:53:19 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/08/26 16:37:13 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd[xyz].sys
[2009/08/26 04:00:21 | 000,247,326 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\strmdll.dll
[2009/08/26 04:00:21 | 000,247,326 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2009/08/15 18:34:16 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/08/15 18:24:01 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/08/15 18:21:42 | 000,000,636 | ---- | M] () -- C:\Dokumente und Einstellungen\Customer\Desktop\RegCleaner.lnk
[2009/08/15 17:17:35 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2009/08/14 11:10:16 | 001,850,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2009/08/14 11:10:16 | 001,850,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2009/08/13 11:15:57 | 000,512,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript.dll
[2009/08/13 11:15:57 | 000,512,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
[2009/08/06 13:24:18 | 000,327,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009/08/06 13:24:18 | 000,327,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2009/08/06 13:24:12 | 000,018,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2009/08/06 13:24:10 | 000,217,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2009/08/06 13:24:10 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2009/08/06 13:24:10 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009/08/06 13:24:10 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2009/08/06 13:24:10 | 000,015,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/08/06 13:24:06 | 000,053,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/08/06 13:24:04 | 000,096,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdm.dll
[2009/08/06 13:24:04 | 000,096,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cdm.dll
[2009/08/06 13:24:04 | 000,015,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2009/08/06 13:24:02 | 000,023,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2009/08/06 13:23:54 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009/08/06 13:23:54 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2009/08/06 13:23:46 | 001,929,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2009/08/06 13:23:28 | 000,209,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2009/08/05 04:59:36 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2009/08/05 04:59:36 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2009/07/31 04:02:20 | 001,372,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/07/31 00:32:17 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2009/07/19 12:41:10 | 011,067,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/07/17 15:01:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll
[2009/07/17 12:15:43 | 001,441,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\query.dll
[2009/07/17 12:15:43 | 001,441,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll
[2009/07/13 17:43:24 | 010,841,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.dll
[2009/07/13 17:43:24 | 000,286,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll
[2009/07/03 12:55:16 | 000,594,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/07/03 12:55:16 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/07/03 12:55:14 | 001,985,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/06/25 04:25:23 | 000,737,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll
[2009/06/25 04:25:23 | 000,737,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/06/25 04:25:23 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kerberos.dll
[2009/06/25 04:25:23 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll
[2009/06/25 04:25:23 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secur32.dll
[2009/06/25 04:25:23 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdigest.dll
[2009/06/24 07:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksecdd.sys
[2009/06/15 06:43:59 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\telnet.exe
[2009/06/15 06:43:59 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe
[2009/06/15 06:43:57 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsess.exe
[2009/06/15 06:43:57 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsess.exe
[2009/06/12 04:21:58 | 001,047,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71u.dll
[2009/06/10 03:19:38 | 002,066,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2009/06/10 02:14:21 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wkssvc.dll

========== Files Created - No Company Name ==========

[2010/05/19 11:51:34 | 1072,676,864 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/19 08:42:13 | 000,001,685 | ---- | C] () -- C:\Dokumente und Einstellungen\Customer\Desktop\VirusTotal Uploader 2.0.lnk
[2010/05/18 08:42:18 | 000,000,210 | ---- | C] () -- C:\Boot.bak
[2010/05/18 08:42:14 | 000,262,448 | ---- | C] () -- C:\cmldr
[2010/05/18 08:40:34 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/05/18 08:40:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/05/18 08:40:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/05/18 08:40:34 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/05/18 08:40:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/05/18 08:34:27 | 003,692,000 | R--- | C] () -- C:\Dokumente und Einstellungen\Customer\Desktop\cofi.exe
[2010/05/17 17:36:20 | 000,000,916 | ---- | C] () -- C:\Dokumente und Einstellungen\Customer\Desktop\Spybot - Search & Destroy.lnk
[2010/05/17 17:11:52 | 000,021,468 | ---- | C] () -- C:\WINDOWS\kill.exe
[2010/05/17 09:54:35 | 000,000,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Customer\Desktop\Arbeitsplatz.lnk
[2010/05/17 03:01:19 | 000,001,523 | ---- | C] () -- C:\Dokumente und Einstellungen\Customer\Desktop\CCleaner.lnk
[2010/04/14 09:50:03 | 000,000,748 | ---- | C] () -- C:\WINDOWS\Rollemup.ini
[2010/04/06 06:44:47 | 000,001,561 | ---- | C] () -- C:\Dokumente und Einstellungen\Customer\Desktop\Frag doch mal.lnk
[2010/03/27 07:27:48 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010/03/26 09:43:56 | 000,145,834 | ---- | C] () -- C:\WINDOWS\System32\atmdeuxx.hlp
[2010/03/26 09:43:56 | 000,044,812 | ---- | C] () -- C:\WINDOWS\System32\attdeuxx.hlp
[2010/03/26 09:43:56 | 000,024,283 | ---- | C] () -- C:\WINDOWS\System32\atfdeuxx.hlp
[2010/03/26 09:38:51 | 000,451,072 | ---- | C] () -- C:\WINDOWS\Radeon Omega Drivers v3.8.252 Uninstall.exe
[2010/03/26 09:08:24 | 000,004,396 | ---- | C] () -- C:\Programme\DRIVEINSTALL.INI
[2010/02/20 12:40:18 | 000,002,680 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2010/02/20 12:40:18 | 000,001,908 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2009/11/18 10:35:18 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/10/14 15:40:40 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/10/13 12:20:14 | 000,000,575 | ---- | C] () -- C:\Dokumente und Einstellungen\Customer\Desktop\emule.lnk
[2009/10/01 17:21:57 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/01 16:05:27 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Customer\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/09/10 15:33:20 | 000,000,446 | ---- | C] () -- C:\Dokumente und Einstellungen\Customer\WhiteCap (Holiday Edition) Prefs (Windows Media Player).txt
[2009/09/09 14:57:41 | 000,060,287 | ---- | C] () -- C:\WINDOWS\BricoPackUninst.cmd
[2009/09/09 14:57:39 | 000,000,764 | ---- | C] () -- C:\Dokumente und Einstellungen\Customer\Startmenü\Programme\Autostart\RocketDock.lnk
[2009/09/09 14:57:26 | 002,359,350 | ---- | C] () -- C:\WINDOWS\BricoPack Wallpaper.bmp
[2009/09/09 14:56:03 | 000,005,334 | ---- | C] () -- C:\WINDOWS\BricoPackFoldersDelete.cmd
[2009/09/09 05:43:32 | 000,078,942 | ---- | C] () -- C:\WINDOWS\Icon_1.ico
[2009/09/09 05:43:19 | 000,111,104 | ---- | C] () -- C:\WINDOWS\System32\Uharc.exe
[2009/09/09 05:43:19 | 000,008,636 | ---- | C] () -- C:\WINDOWS\System32\modifype.exe
[2009/09/09 05:41:38 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\scrnrdr.exe
[2009/08/26 19:00:39 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/08/26 19:00:39 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/08/15 18:34:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/08/15 18:24:01 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/08/15 18:21:42 | 000,000,636 | ---- | C] () -- C:\Dokumente und Einstellungen\Customer\Desktop\RegCleaner.lnk
[2009/08/15 17:08:25 | 000,660,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2009/08/15 17:08:25 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2009/08/15 17:08:25 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2009/08/15 17:08:25 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2009/08/15 17:08:25 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2009/08/15 17:08:25 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2009/08/15 17:08:25 | 000,079,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2009/08/15 17:08:25 | 000,026,141 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2009/08/15 17:08:25 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2009/08/15 17:08:25 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2009/08/15 17:08:25 | 000,001,730 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2009/08/15 17:08:25 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2009/08/15 17:08:24 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2009/08/15 17:08:24 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2009/08/15 17:08:24 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2009/08/15 17:08:24 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2009/08/15 17:08:24 | 000,058,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2009/08/15 17:08:22 | 000,034,554 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2009/08/15 17:08:22 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2009/08/15 17:08:22 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2009/08/15 17:08:21 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2009/08/15 17:08:21 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2009/08/15 17:08:21 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2009/08/15 17:08:21 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2009/08/15 17:08:21 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2009/08/15 17:08:21 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2009/08/15 17:08:21 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2009/08/15 17:08:21 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2009/08/15 17:08:16 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2009/08/15 17:08:16 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2009/08/15 17:08:16 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2009/08/15 17:08:12 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2009/08/15 17:08:12 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2009/08/15 17:08:12 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2009/08/15 17:08:12 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2009/08/15 17:08:12 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2009/08/15 17:08:12 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2009/08/15 17:08:09 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2009/08/15 17:08:09 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2009/08/15 17:08:09 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2009/08/15 17:08:09 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2009/08/15 17:07:59 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2009/08/15 17:07:57 | 000,001,810 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2009/08/15 17:07:42 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2009/08/15 17:07:37 | 000,066,132 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2009/08/15 17:07:28 | 000,084,531 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2009/08/15 17:07:28 | 000,000,782 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2009/08/15 17:07:27 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2009/08/15 17:07:27 | 000,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2009/08/15 17:07:27 | 000,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2009/08/15 17:07:27 | 000,001,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2009/08/15 17:07:27 | 000,001,467 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2009/08/15 17:07:27 | 000,001,261 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2009/08/15 17:07:27 | 000,001,055 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2009/08/15 17:07:27 | 000,001,047 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2009/08/15 17:07:27 | 000,001,038 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2009/08/15 17:07:27 | 000,000,807 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2009/08/15 17:07:27 | 000,000,800 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2009/08/15 17:07:27 | 000,000,779 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2009/08/15 17:07:27 | 000,000,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2009/08/15 17:07:27 | 000,000,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2009/08/15 17:07:16 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2009/08/15 17:07:10 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2009/08/15 17:07:10 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2009/08/15 17:06:29 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2009/08/15 17:06:29 | 000,036,610 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2009/08/15 17:06:29 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2009/08/15 17:06:29 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2009/08/15 17:06:29 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2009/08/15 17:06:22 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2009/08/15 17:06:14 | 000,001,950 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2009/08/15 17:06:10 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2009/08/15 17:06:07 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2009/08/15 17:06:07 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2009/08/15 17:06:07 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2009/08/15 17:06:07 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2009/08/15 17:06:06 | 000,184,109 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2009/08/15 17:06:06 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2009/08/15 17:06:06 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2009/08/15 17:06:06 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2009/08/15 17:06:06 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2009/08/15 17:06:06 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2009/08/15 17:06:05 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2008/04/13 04:30:16 | 000,076,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV84.sys
[2008/02/13 19:00:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2007/07/17 12:40:40 | 000,103,936 | ---- | C] () -- C:\Dokumente und Einstellungen\Customer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/12 13:43:15 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/21 03:08:21 | 000,020,480 | -H-- | C] () -- C:\Dokumente und Einstellungen\Customer\ntuser.dat.LOG
[2006/06/21 03:08:21 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\Customer\ntuser.ini
[2006/06/21 03:08:20 | 009,699,328 | -H-- | C] () -- C:\Dokumente und Einstellungen\Customer\NTUSER.DAT
[2006/06/21 02:56:57 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/21 02:51:35 | 000,000,301 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/06/21 02:49:14 | 000,000,251 | ---- | C] () -- C:\WINDOWS\Welcome.ini
[2006/06/21 02:43:43 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSMAPIP.SYS
[2006/06/21 02:42:46 | 000,008,830 | ---- | C] () -- C:\WINDOWS\System32\drivers\TDSMAPI.SYS
[2006/06/21 02:41:46 | 000,002,295 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.SYS
[2004/07/25 20:16:38 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2002/10/07 12:15:36 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2002/10/06 18:42:58 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/10/01 04:05:15 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/10/01 03:58:27 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.dat.LOG
[2002/10/01 03:58:27 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\LocalService\ntuser.ini
[2002/10/01 03:58:26 | 000,233,472 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.DAT
[2002/10/01 03:58:26 | 000,233,472 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.DAT
[2002/10/01 03:58:26 | 000,008,192 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.dat.LOG
[2002/10/01 03:58:26 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\NetworkService\ntuser.ini
[1979/12/31 18:00:00 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll

========== LOP Check ==========

[2009/10/14 16:23:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Customer\Anwendungsdaten\Blitware
[2009/08/15 19:02:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Customer\Anwendungsdaten\CoreCodec
[2009/08/26 16:41:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Customer\Anwendungsdaten\DAEMON Tools Lite
[2009/08/15 20:47:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Customer\Anwendungsdaten\DeepBurner
[2010/02/19 14:10:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Customer\Anwendungsdaten\GetRightToGo
[2007/07/12 12:35:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Customer\Anwendungsdaten\IBM
[2007/07/12 15:13:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Customer\Anwendungsdaten\InterVideo
[2009/10/31 09:39:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Customer\Anwendungsdaten\phonostar-Player
[2009/08/30 16:24:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Customer\Anwendungsdaten\streamripper
[2009/10/09 12:42:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Customer\Anwendungsdaten\uTorrent
[2007/07/12 16:38:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Customer\Anwendungsdaten\VERITAS
[2009/10/10 13:13:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Customer\Anwendungsdaten\www.homeopathyonline.org

========== Purity Check ==========

< End of report >

Das ist ein wirklich hartnäckiger Quälgeist...

myrtille · 26.05.2010, 20:02

Hi,

dann versuch bitt folgendes:

Gib unter Start-> Ausführen als.. cmd ein.

Es sollte sich ein schwarzes Fenster öffnen.
In das Fenster gibt bitte Folgendes ein:

Zitat:

START remover.exe fix \\.\PhysicalDrive0

Danach bitte den Rechner neustarten und mir sagen ob du weiterhin die Prozesse findest.

lg myrtille

resistance01 · 26.05.2010, 21:25

Huhu,

die Datei "remover.exe" kann nicht gefunden werden.
Muss ich die erst in ein bestimmtes Verzeichnis kopieren?

myrtille · 26.05.2010, 21:34

Hi,

wenn du die Datei nicht verschoben hast seitdem du sie zuletzt ausgeführt hast, sollte das eigentlich gehen.

Ansonste kopiere die Datei bitte auf deinen Desktop und gebe folgenden Befehl ein:

Zitat:

"%userprofile%\Desktop\remover.exe" fix \\.\PhysicalDrive0

tomZ · 27.05.2010, 22:59

Hallo,

ich habe seit Tagen genau das gleiche Problem. Ich habe mit SUPERAntiSpyware und Malwarebytes (in der Reihenfolge) alle Plagegeister entfernen können (ich hatte vorher schon mit ein paar Antivirenprogrammen per Boot-CD einige andere Plagegeister entfernt, allerdings wesentlich weniger). Übrig geblieben ist aber eben auch nach SUPERAntiSpyware und Malwarebytes vilsel.aejm, der nach jedem Reboot immer wieder auftaucht.

Malwarebytes findet ihn, bietet auch an, ihn beim reboot zu löschen, er taucht aber immer wieder auf als

C:\SYSTEM VOLUME INFORMATION\_RESTORE{D5FFFA500B1B}\svchost.exe

bzw. als

C:\SYSTEM VOLUME INFORMATION\_RESTORE{D5FFFA500B1B}\smss.exe

Auch ein manuelles Löschen über den Fileassasin führt zum gleichen "Erfolg". Hat jemand noch weitere Ideen, wie man dem vertrackten Trojaner beikommen kann?

Merci und Grüße,

tom

Vilsel.aejm u.a./Antivir u. Spybot versagen

Antiviren-, Firewall- und andere Schutzprogramme: Vilsel.aejm u.a./Antivir u. Spybot versagen