Fehlermeldung beim Start "Cbhd hat Fehler verursacht"

hmd608 · 05.08.2010, 08:35

Hallo Gemeinde,
diese Meldung erscheint nach und nach auf allen Rechnern auf denen ich mich einlogge. Im Ereignisprotokoll erscheint diese Fehlermeldung:

Fehlgeschlagene Anwendung msnmsgr.exe, Version 2.25.0.23, fehlgeschlagenes Modul , Version 0.0.0.0, Fehleradresse 0x00000000.

Die Anwendung findet man (nur auf den betroffenen Rechnern) unter C:\Windows\Install\MsnMsgr.exe. Sie läßt sich nicht entfernen.

Der McAfee Virenscanner findet nichts - Ad-Aware findet auch nichts.

Ich hoffe ihr könnt mir helfen

Hier mein HiJack Protokoll:
--------------------------------------------------------------------------

HiJackthis Logfile:

Code:

ATTFilter

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:06:15, on 05.08.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\program files\lotus\notes7.0.2\nslsvice.exe
C:\program files\lotus\notes7.0.2\nsl.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Juniper Networks\Common Files\dsNcService.exe
C:\WINDOWS\system32\Empirum\EmpirumRCHost.exe
C:\Programme\Gemeinsame Dateien\GtFlashSwitch\GtFlashSwitch.exe
C:\Programme\Gemeinsame Dateien\Fujitsu\Manageability\HaMDevMg.exe\1.01\HaMDevMg.exe
C:\WINDOWS\system32\EMPIRUM\empautsvc.exe
C:\Programme\McAfee\VirusScan Enterprise\EngineServer.exe
c:\Programme\McAfee\Common Framework\FrameworkService.exe
C:\Programme\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\mfevtps.exe
C:\program files\lotus\notes7.0.2\ntmulti.exe
C:\WINDOWS\system32\EMPIRUM\SetupSvc.exe
C:\Programme\RealVNC\WinVNC\WinVNC.exe
C:\WINDOWS\system32\EMPIRUM\SwDepot.exe
C:\Programme\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Programme\McAfee\VirusScan Enterprise\mfeann.exe
c:\Programme\McAfee\Common Framework\naPrdMgr.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\Fujitsu\Mobile Software Suite\Common\UiMdmTip\UiMdmTip.exe
C:\WINDOWS\install\MsnMsgr.exe
C:\WINDOWS\system32\Empirum\SWDepot.exe
C:\WINDOWS\install\MsnMsgr.exe
C:\Programme\McAfee\Common Framework\udaterui.exe
C:\WINDOWS\system32\rundll32.exe
c:\Programme\McAfee\Common Framework\McTray.exe
C:\Programme\Huawei Modems\DataCardMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\T-Mobile\web'n'walk Manager\AutoUpdateSrv.exe
C:\WINDOWS\system32\EMPIRUM\PBackup.exe
C:\Programme\Gemeinsame Dateien\Fujitsu\Manageability\CnMdKHkH.exe\1.01\CnMdKHkH.exe
C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vion-Line
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von Vion IT Services
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.151.37:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 172.17.*.*;192.168.151.*;vion-line;*.intra;192.168.44.*;172.16.*.*;<local>
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - c:\Programme\WebEx\Productivity Tools\ptonecli.dll
O3 - Toolbar: WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - c:\Programme\WebEx\Productivity Tools\ptonecli.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [COMImpersonator] C:\Programme\Fujitsu\Mobile Software Suite\Common\UiMdmTip\UiMdmTip.exe
O4 - HKLM\..\Run: [_UserEnv] C:\WINDOWS\system32\EMPIRUM\env.exe
O4 - HKLM\..\Run: [RunSWDepot1] SWDEPOT /WU /S /T /Q
O4 - HKLM\..\Run: [RunSWDepot2] SWDEPOT \\%EmpirumServer%\Configurator$\User\SwDepot.dds /I\\%EmpirumServer%\Values$\MachineValues\%DomainName%\%Computername%.ddc /I\\%EmpirumServer%\Values$\UserValues\%UserDomain%\%UserName%.ddc /S /E /F /K7200 /Z2
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "c:\Programme\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ShStatEXE] "c:\Programme\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [WinVNC] "C:\Programme\RealVNC\WinVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [DataCardMonitor] C:\Programme\Huawei Modems\DataCardMonitor.exe
O4 - HKLM\..\Run: [HKLM] C:\WINDOWS\install\MsnMsgr.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [HKCU] C:\WINDOWS\install\MsnMsgr.exe
O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\install\MsnMsgr.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\install\MsnMsgr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-1085031214-790525478-682003330-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'EmpInstWs')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Aktualisierungsagent.lnk = ?
O4 - Global Startup: Inventory.lnk = C:\WINDOWS\system32\EMPIRUM\EmpInventory.exe
O4 - Global Startup: Personal Backup.lnk = C:\WINDOWS\system32\EMPIRUM\PBackup.exe
O8 - Extra context menu item: An OneNote s&enden - res:///105
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=hxxp://vion-Line
O16 - DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF} (JInitiator 1.3.1.28) - hxxp://viper.vionfood.local/forms/jinitiator/jinit.exe
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://vion-support.webex.com/client/upgradeserver/client/ptool/T27L10NSP11EP15-6316/ieatgpc.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://employees.vionfood.com/dana-cached/sc/JuniperSetupClient.cab
O23 - Service: pcAnywhere Host-Modul (awhost32) - Symantec Corporation - C:\Programme\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Programme\Juniper Networks\Common Files\dsNcService.exe
O23 - Service: Empirum Remote Control Service (EmpirumRC_Service) - matrix42 AG - C:\WINDOWS\system32\Empirum\EmpirumRCHost.exe
O23 - Service: GtFlashSwitch - OptionNV - C:\Programme\Gemeinsame Dateien\GtFlashSwitch\GtFlashSwitch.exe
O23 - Service: Fujitsu HaMDevMg.1.01 (HaMDevMg.1.01) - Fujitsu Technology Solutions - C:\Programme\Gemeinsame Dateien\Fujitsu\Manageability\HaMDevMg.exe\1.01\HaMDevMg.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Lotus Notes - Gemeinsame Anmeldung (Lotus Notes Single Logon) - IBM Corp - C:\program files\lotus\notes7.0.2\nslsvice.exe
O23 - Service: Empirum-AUT Service (MATRIXAUT) - matrix42 AG - C:\WINDOWS\system32\EMPIRUM\empautsvc.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Programme\McAfee\VirusScan Enterprise\EngineServer.exe
O23 - Service: McAfee Framework-Dienst (McAfeeFramework) - McAfee, Inc. - c:\Programme\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Programme\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Programme\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\program files\lotus\notes7.0.2\ntmulti.exe
O23 - Service: Empirum-Agent (SetupService) - matrix42 AG - C:\WINDOWS\system32\EMPIRUM\SetupSvc.exe
O23 - Service: VNC Server (winvnc) - RealVNC Ltd. - C:\Programme\RealVNC\WinVNC\WinVNC.exe

--
End of file - 9972 bytes

--- --- ---

Chris4You · 05.08.2010, 08:54

Hi,

ist das ein geschäftlich genutzter PC?

Es werden einige Dateien installiert, kennst Du die (Oracle?)?:

hxxps://employees.vionfood.com/dana-cached/sc/JuniperSetupClient.cab
hxxp://viper.vionfood.local/forms/jinitiator/jinit.exe

Bitte folgende Files prüfen:

Dateien Online überprüfen lassen:

Als erstes versteckte Dateien anzeigen lassen! (nur Punkt 1 durchführen!)

Suche die Seite Virtustotal auf, klicke auf den Button „Durchsuchen“ und suche folgende Datei/Dateien:

Code:

ATTFilter

C:\WINDOWS\install\MsnMsgr.exe
C:\Programme\Gemeinsame Dateien\Fujitsu\Manageability\HaMDevMg.exe\1.01\HaMDevMg.exe

Lade nun nacheinander jede/alle Datei/Dateien hoch, und warte bis der Scan vorbei ist. (kann bis zu 2 Minuten dauern.)

Poste im Anschluss das Ergebnis der Auswertung, alles abkopieren und in einen Beitrag einfügen.

Wichtig: Auch die Größenangabe sowie den HASH mit kopieren!

Malwarebytes Antimalware (MAM)
Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html
Falls der Download nicht klappt, bitte hierüber eine generische Version runterladen:
http://filepony.de/download-chameleon/
Danach bitte update der Signaturdateien (Reiter "Update" -> Suche nach Aktualisierungen")
Fullscan und alles bereinigen lassen! Log posten.

OTL
Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe

Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen

Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output

Unter Extra Registry, wähle bitte Use SafeList

Klicke nun auf Run Scan links oben

Wenn der Scan beendet wurde werden 2 Logfiles erstellt

Poste die Logfiles hier in den Thread

chris
Ps.: Policies!

hmd608 · 05.08.2010, 09:28

Vielen Dank für die schnelle Antwort :-)

Hier die Ergebnisse von Virustotal zu MsnMsgr.exe. Die andere Datei war ungefährlich. Die vionfood-Dateien sind ungefährlich und werden hier im Unternehmen verwand. Der andere Scan läuft gerade durch.

Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2010.08.05.03 2010.08.05 -
AntiVir 8.2.4.32 2010.08.04 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2010.08.03 -
Authentium 5.2.0.5 2010.08.05 W32/VB.AS.gen!Eldorado
Avast 4.8.1351.0 2010.08.04 Win32:VB-OXI
Avast5 5.0.332.0 2010.08.04 Win32:VB-OXI
AVG 9.0.0.851 2010.08.04 -
BitDefender 7.2 2010.08.05 Gen:Variant.IrcWorm.1
CAT-QuickHeal 11.00 2010.08.05 -
ClamAV 0.96.0.3-git 2010.08.05 -
Comodo 5645 2010.08.04 UnclassifiedMalware
DrWeb 5.0.2.03300 2010.08.05 Win32.HLLW.Autoruner.14469
Emsisoft 5.0.0.36 2010.08.05 IRC-Worm.SuspectCRC!IK
eSafe 7.0.17.0 2010.08.04 -
eTrust-Vet 36.1.7767 2010.08.05 -
F-Prot 4.6.1.107 2010.08.05 W32/VB.AS.gen!Eldorado
F-Secure 9.0.15370.0 2010.08.05 Gen:Variant.IrcWorm.1
Fortinet 4.1.143.0 2010.08.05 -
GData 21 2010.08.05 Gen:Variant.IrcWorm.1
Ikarus T3.1.1.84.0 2010.08.05 390786 'IRC-Worm.SuspectCRC
Jiangmin 13.0.900 2010.08.03 -
Kaspersky 7.0.0.125 2010.08.05 Trojan.Win32.Buzus.exmu
McAfee 5.400.0.1158 2010.08.05 -
McAfee-GW-Edition 2010.1 2010.08.05 -
Microsoft 1.6004 2010.08.05 -
NOD32 5341 2010.08.04 a variant of Win32/Injector.AZJ
Norman 6.05.11 2010.08.04 -
nProtect 2010-08-04.01 2010.08.04 Gen:Variant.IrcWorm.1
Panda 10.0.2.7 2010.08.04 W32/Gaobot.OXI.worm
PCTools 7.0.3.5 2010.08.04 Trojan.IRCBot
Prevx 3.0 2010.08.05 -
Rising 22.59.03.03 2010.08.05 -
Sophos 4.56.0 2010.08.05 -
Sunbelt 6687 2010.08.05 Virtool.Win32.Vbinject.Gen.2 (v)
SUPERAntiSpyware 4.40.0.1006 2010.08.05 -
Symantec 20101.1.1.7 2010.08.05 W32.IRCBot
TheHacker 6.5.2.1.332 2010.08.05 Trojan/Injector.azj
TrendMicro 9.120.0.1004 2010.08.05 Mal_BUZUS-7
TrendMicro-HouseCall 9.120.0.1004 2010.08.05 Mal_BUZUS-7
VBA32 3.12.12.8 2010.08.04 -
ViRobot 2010.8.4.3971 2010.08.05 -
VirusBuster 5.0.27.0 2010.08.04 -
weitere Informationen
File size: 704589 bytes
MD5 : d68abaa75ade70b226d882156fb6aafd
SHA1 : fc809107194d7b778e2cb1ebfa78d943e7fb64d4
SHA256: 07aa1512ac416a415d0ad7a4bf6516e96a165d694d54e6f1a0444de1cf4b1612
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x55C8
timedatestamp.....: 0x4B9FD8CE (Tue Mar 16 20:15:26 2010)
machinetype.......: 0x14C (Intel I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x63FD4 0x64000 5.69 7b41522814f6323442c77d402b03dda4
.data 0x65000 0x5570 0x1000 0.00 620f0b67a91f7f74151bc5be745b7110
.rsrc 0x6B000 0x9BC 0x1000 2.21 49c248fee2acd1a7243d6e999950d6cd

( 1 imports )

> msvbvm60.dll: __vbaStrI2, _CIcos, _adj_fptan, __vbaVarMove, __vbaVarVargNofree, __vbaAryMove, __vbaFreeVar, __vbaLenBstr, __vbaStrVarMove, __vbaEnd, __vbaFreeVarList, _adj_fdiv_m64, __vbaRaiseEvent, __vbaFreeObjList, -, _adj_fprem1, __vbaRecAnsiToUni, __vbaStrCat, __vbaSetSystemError, __vbaHresultCheckObj, _adj_fdiv_m32, __vbaAryDestruct, -, __vbaExitProc, __vbaVarForInit, -, __vbaObjSet, __vbaOnError, _adj_fdiv_m16i, __vbaObjSetAddref, _adj_fdivr_m16i, -, __vbaCyStr, _CIsin, __vbaErase, -, __vbaVarZero, -, __vbaChkstk, -, __vbaFileClose, EVENT_SINK_AddRef, __vbaGenerateBoundsError, __vbaGet3, -, __vbaStrCmp, __vbaCyI2, __vbaPutOwner3, __vbaVarTstEq, __vbaAryConstruct2, __vbaI2I4, DllFunctionCall, -, __vbaVarLateMemSt, __vbaRedimPreserve, _adj_fpatan, __vbaRedim, __vbaRecUniToAnsi, EVENT_SINK_Release, __vbaUI1I2, _CIsqrt, EVENT_SINK_QueryInterface, __vbaUI1I4, __vbaExceptHandler, __vbaStrToUnicode, __vbaPrintFile, _adj_fprem, _adj_fdivr_m64, __vbaI2Str, -, __vbaFPException, -, __vbaGetOwner3, __vbaUbound, __vbaStrVarVal, __vbaVarCat, __vbaI2Var, -, -, _CIlog, __vbaErrorOverflow, __vbaFileOpen, __vbaInStr, -, -, __vbaR8Str, __vbaNew2, __vbaVar2Vec, _adj_fdiv_m32i, _adj_fdivr_m32i, __vbaStrCopy, __vbaI4Str, -, __vbaFreeStrList, __vbaDerefAry1, _adj_fdivr_m32, _adj_fdiv_r, -, -, __vbaI4Var, __vbaAryLock, __vbaVarAdd, __vbaStrToAnsi, __vbaVarMod, __vbaVarCopy, -, __vbaFpI4, _CIatan, __vbaAryCopy, __vbaStrMove, __vbaR8IntI4, _allmul, __vbaLateIdSt, _CItan, __vbaAryUnlock, __vbaVarForNext, _CIexp, __vbaFreeObj, __vbaI4ErrVar, __vbaFreeStr, -

( 0 exports )

TrID : File type identification
Win32 Executable Microsoft Visual Basic 6 (90.9%)
Win32 Executable Generic (6.1%)
Generic Win/DOS Executable (1.4%)
DOS Executable Generic (1.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
ssdeep: 12288:HkSLamsHzyywk4dBLfw/rfvLcklEaMwogs2JOkkkXQzJWL:ESLU2ywLmgM0/gXIGsQ
sigcheck: publisher....: sGcen
copyright....: ODAuMJ
product......: TExEjwvLOR
description..: Cbhd
original name: BCOUIwefhvbgyth.exe
internal name: BCOUIwefhvbgyth
file version.: 2.25.0023
comments.....: rUlDYrl
signers......: -
signing date.: -
verified.....: Unsigned

PEiD : -
RDS : NSRL Reference Data Set
-

Chris4You · 05.08.2010, 09:44

Hi,

damit ich das richtig verstehe, Du meldest Dich an diesen Rechnern an und dann bekommen die den netten kleinen IRC-Wurm (in VisualBasic... ;o)...
Das setzt voraus, dass Du Dich beim Chatt angemeldet hast und die Datei dann automatisch an Dich (bzw. den aktuellen Rechner) verschickt wird...

Bitte OTL-Log, da muss umgehend bereinigt werden...
Allerdings dürfen hier keinen geschäftlichen Rechner verwurstet werden, dafür gibt es ja den Admin bei Euch... rechtliche Probleme und so...

chris

hmd608 · 05.08.2010, 10:04

Hallo chris,
leider bin ich der Admin hier, aber ich werde das Teil nicht los. Ich muss mich halt an einigen Stationen anmelden und dann kommt dieser Fehler. Ich habe die Befürchtung, dass sich der Trojaner auf meinem USB-Stick eingenisted hat.
Hier das Ergebniss von malwarebytes:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4391

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

05.08.2010 10:52:16
malwarebytes.txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 276482
Laufzeit: 26 Minute(n), 22 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 4
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 9

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{571gx626-q25a-221r-s681-wb01hwn80v1j} (Generic.Bot.H) -> No action taken.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Trojan.Backdoor) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hkcu (Trojan.Backdoor) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Trojan.Backdoor) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hklm (Trojan.Backdoor) -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\WINDOWS\install\MsnMsgr.exe (Generic.Bot.H) -> No action taken.
c:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\logs.dat (Bifrose.Trace) -> No action taken.
c:\Dokumente und Einstellungen\BlochTh01\Anwendungsdaten\logs.dat (Bifrose.Trace) -> No action taken.
c:\Dokumente und Einstellungen\BlochTh01\Lokale Einstellungen\Temp\IELOGIN.abc (Malware.Trace) -> No action taken.
c:\Dokumente und Einstellungen\BlochTh01\Lokale Einstellungen\Temp\IEPASS.abc (Malware.Trace) -> No action taken.
c:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\UuU.uUu (Malware.Trace) -> No action taken.
c:\Dokumente und Einstellungen\BlochTh01\Lokale Einstellungen\Temp\UuU.uUu (Malware.Trace) -> No action taken.
c:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\XxX.xXx (Malware.Trace) -> No action taken.
c:\Dokumente und Einstellungen\BlochTh01\Lokale Einstellungen\Temp\XxX.xXx (Malware.Trace) -> No action taken.

Chris4You · 05.08.2010, 10:19

Hi,

alles von MAM bereinigen lassen...

Lade Dir den Flash_disinfector auf den Desktop, starte ihn und folge den Anweisungen...
http://www.techsupportforum.com/sect...isinfector.exe
oder
http://www.trojaner-board.de/72847-f...absichern.html

1. Trenne den Rechner physikalisch vom Netz.
2. Deaktiviere den Hintergrundwächter deines AVP und (falls vorhanden) den TeaTimer.
3. Schließe jetzt alle externe Datenträger mit gedrückter Shift-Taste an Deinen Rechner (Autoplay wird unterbunden).
4. Starte den Flash Disinfector mit einem Doppelklick und folge ggf. den Anweisungen.
5. Wenn der Scan zuende ist, kannst du das Programm schließen.
6. Starte Deinen Rechner neu.

Danach bitte noch mit angeschlossenem USB-Stick noch mal MAM laufen lassen, dabei den Stick mit überprüfen lassen...

Als letztes noch das OTL-Log...

chris

bin jetzt für 2 h nicht da...

hmd608 · 05.08.2010, 10:32

Hier die OTL Ergebnisse als Dateianhang:

Chris4You · 05.08.2010, 10:33

Hi,

nicht nur die Extras, das "eigentliche" Log auch... ;o)...

chris

hmd608 · 05.08.2010, 10:34

und der zweite Teil

Die Datei ist zu gross, obwohl ich minimale Ausgabe gewählt habe.
Ich habe das Log auf zwei Posts aufgeteilt.

hmd608 · 05.08.2010, 11:01

OTL Extras logfile created on: 05.08.2010 11:57:21 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = c:\Dokumente und Einstellungen\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 130,92 Gb Free Space | 87,84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 3,72 Gb Total Space | 0,59 Gb Free Space | 15,88% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WUNTR007
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"80:TCP" = 80:TCP:*:Enabled:Empirum Remote Control 80
"2000:TCP" = 2000:TCP:*:Enabled:Empirum Remote Control 2000
"5985:TCP" = 5985:TCP:*:Enabled:Windows-Remoteverwaltung

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"80:TCP" = 80:TCP:*:Enabled:Empirum Remote Control 80
"2000:TCP" = 2000:TCP:*:Enabled:Empirum Remote Control 2000

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\McAfee\Common Framework\FrameworkService.exe" = C:\Programme\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service -- (McAfee, Inc.)
"C:\WINDOWS\system32\EMPIRUM\EmpirumRCHost.exe" = C:\WINDOWS\system32\EMPIRUM\EmpirumRCHost.exe:*:Enabled:Empirum Remote Control Host -- (matrix42 AG)
"C:\Programme\Symantec\pcAnywhere\awhost32.exe" = C:\Programme\Symantec\pcAnywhere\awhost32.exe:*

isabled

cAnywhere Host Service -- (Symantec Corporation)
"C:\Programme\Symantec\pcAnywhere\awrem32.exe" = C:\Programme\Symantec\pcAnywhere\awrem32.exe:*

isabled

cAnywhere Remote Service -- (Symantec Corporation)
"C:\Programme\TeamViewer\Version5\TeamViewer.exe" = C:\Programme\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\EMPIRUM\EmpirumRCHost.exe" = C:\WINDOWS\system32\EMPIRUM\EmpirumRCHost.exe:*:Enabled:Empirum Remote Control Host -- (matrix42 AG)
"C:\Programme\Microsoft Office\Office14\GROOVE.EXE" = C:\Programme\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- File not found
"C:\Programme\Microsoft Office\Office14\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- File not found
"C:\Programme\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- File not found
"C:\Programme\Symantec\pcAnywhere\awhost32.exe" = C:\Programme\Symantec\pcAnywhere\awhost32.exe:*

isabled

cAnywhere Host Service -- (Symantec Corporation)
"C:\Programme\Symantec\pcAnywhere\awrem32.exe" = C:\Programme\Symantec\pcAnywhere\awrem32.exe:*

isabled

cAnywhere Remote Service -- (Symantec Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1129AB4F-BA74-4A7B-814A-732489A32B36}" = Royal TS
"{13054011-9646-4685-BC5A-8F6645189D29}" = MMC
"{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}" = McAfee VirusScan Enterprise
"{2223FC2F-B862-4F83-BC9E-DDF2DADF2859}" = Intel(R) Network Connections 13.0.42.0
"{27B3563C-561C-4924-8C0E-EA102264873F}" = Windows Server 2003 Service Pack 1 Administration Tools Pack
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{44AFDB86-1509-4CDC-9B2E-1C73B2DEE5F0}" = Mobile Broadband Drivers
"{62A38EFA-3CA3-47AC-89CF-1A29F9AF0A62}" = DameWare NT Utilities
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = Accelerometer
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2007
"{90530407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Standard 2003
"{99AA7E28-EE0F-4CB2-8C5B-3DD8FF42DD29}" = OZ776 SCR Driver V1.1.4.204
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = T-Mobile web'n'walk Manager
"{AC4600DB-4897-4EAF-B153-6335B9AA066D}" = GT HSDPA driver installer
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{B639A4DE-A375-47D3-89C3-DDCF98D992F7}" = McAfee Agent
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1CCF2E9-4851-4783-8076-D9C3F7DDD487}" = Citrix XenApp Plugin für gehostete Anwendungen
"{C1E26EED-CC8B-4371-9CC7-AD8A5814B4B2}" = IE5 Registration
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CAFECAFE-0013-0001-0128-ABCDEFABCDEF}" = Oracle JInitiator 1.3.1.28
"{CF2FDB58-71B2-4AD4-8D28-38EF71DE2F6C}" = Lotus Notes 7.0.2 de
"{DE002866-428A-4656-A4D3-12505C6DF2CF}" = WebEx Productivity Tools
"{E05E8183-866A-11D3-97DF-0000F8D8F2E9}" = Symantec pcAnywhere
"{E0BD191D-8B19-47FC-9D61-A8076C3F7D32}" = MobileSoftwareSuite
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"ActiveTouchMeetingClient" = WebEx
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Systems Incorporated Adobe Reader 9.1 9.1.0" = Adobe Reader 9.1 9.1.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"Huawei Modems" = Huawei modem
"IBM Lotus Notes Client de" = Lotus Notes Client de 7.02.6269
"InstallShield_{99AA7E28-EE0F-4CB2-8C5B-3DD8FF42DD29}" = OZ776 SCR Driver V1.1.4.204
"Irfan Skiljan IrfanView" = IrfanView 3.98
"Juniper Network Connect 6.4.0" = Juniper Networks Network Connect 6.4.0
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.80 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"matrix42 Empirum Remote Control Host" = Empirum Remote Control Host 2.2
"matrix42 Empirum Remote Control Master" = Empirum Remote Control Master 2.1
"matrix42 PM2Client" = PM2Client 10.5
"MC Afee Inc MC Afee 4.0" = MC Afee 4.0
"Microsoft Microsoft Office Professional Edition 2003 11.0.5614.0" = Microsoft Office Professional Edition 2003 11.0.5614.0
"MISDATA Private und Publicdatavars" = Private und Publicdatavars 1.0
"MS Internet Explorer" = Internet Explorer 6.01
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Neoteris_Secure_Application_Manager" = Juniper Networks Secure Application Manager
"Novatel_V20051Installer" = Novatel driver package V2.00.51
"OptionHsxpa72_PCCardInstaller" = Option Globetrotter HSXPA 7.2 PC-Cards
"OptionPCCardInstaller_tmcc" = Option PC Cards driver package
"OptionPluss_PCCardInstaller" = Option GT HSDPA driver suit
"PRJPRO" = Microsoft Office Project Professional 2007
"Siemens Siemens Deskupdate" = Siemens Deskupdate 1.0
"Sun Java Runtime Environment" = Java Runtime Environment 1.6.0.30
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 5" = TeamViewer 5
"VION Branding" = Branding 1.0
"VION LS Screensaver" = LS Screensaver 1.2
"VION Screensaver" = VION Screensaver
"VION VION Screensaver 1.0" = VION Screensaver 1.0
"VIONIT MMC" = MMC 2.0.0
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinVNC_is1" = VNC 3.3.7
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

hmd608 · 05.08.2010, 11:02

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 05.08.2010 02:33:07 | Computer Name = WUNTR007 | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten
Vorgang nicht ausführen. .

Error - 05.08.2010 02:33:07 | Computer Name = WUNTR007 | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten
Vorgang nicht ausführen. .

Error - 05.08.2010 02:33:07 | Computer Name = WUNTR007 | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Der angegebene Server kann den angeforderten
Vorgang nicht ausführen. .

Error - 05.08.2010 02:39:36 | Computer Name = WUNTR007 | Source = UserInit | ID = 1000
Description = Folgendes Skript konnte nicht ausgeführt werden: \\Domone.Global.loc\SYSVOL\Domone.Global.loc\scripts\netlogon.cmd.
Der Netzwerkpfad wurde nicht gefunden.

Error - 05.08.2010 02:39:36 | Computer Name = WUNTR007 | Source = UserInit | ID = 1000
Description = Folgendes Skript konnte nicht ausgeführt werden: \\Domone.Global.loc\SysVol\Domone.Global.loc\scripts\BlochTh01.cmd.
Der Netzwerkpfad wurde nicht gefunden.

Error - 05.08.2010 02:45:11 | Computer Name = WUNTR007 | Source = AutoEnrollment | ID = 15
Description = Die automatische Zertifikatregistrierung für "lokaler Computer" konnte
keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne
ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. Die Registrierung
wird nicht durchgeführt.

Error - 05.08.2010 02:45:56 | Computer Name = WUNTR007 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung msnmsgr.exe, Version 2.25.0.23, fehlgeschlagenes
Modul , Version 0.0.0.0, Fehleradresse 0x00000000.

Error - 05.08.2010 02:45:56 | Computer Name = WUNTR007 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung msnmsgr.exe, Version 2.25.0.23, fehlgeschlagenes
Modul , Version 0.0.0.0, Fehleradresse 0x00000000.

Error - 05.08.2010 03:49:05 | Computer Name = WUNTR007 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung SpyHunter-Installer.exe, Version 2.0.1.0,
Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 05.08.2010 05:42:22 | Computer Name = WUNTR007 | Source = AutoEnrollment | ID = 15
Description = Die automatische Zertifikatregistrierung für "lokaler Computer" konnte
keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene Domäne
ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden. Die Registrierung
wird nicht durchgeführt.

[ System Events ]
Error - 20.07.2010 21:10:15 | Computer Name = WUNTR007 | Source = NETLOGON | ID = 5719
Description = Es steht kein Domänencontroller für die Domäne DE_WUNSTORF_MIS aus
folgendem Grund zur Verfügung: %%1311. Stellen Sie sicher, dass der Computer mit
dem Netzwerk verbunden ist, und versuchen Sie es erneut. Wenden Sie sich an den Domänenadministrator,
wenn das Problem weiterhin besteht.

Error - 20.07.2010 21:58:29 | Computer Name = WUNTR007 | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.2.180 für die Netzwerkkarte mit der Netzwerkadresse
00216A72C93C wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).

Error - 04.08.2010 05:04:50 | Computer Name = WUNTR007 | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 172.17.20.83 für die Netzwerkkarte mit der Netzwerkadresse
001E330F8707 wurde durch den DHCP-Server 172.17.0.29 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).

Error - 04.08.2010 05:04:59 | Computer Name = WUNTR007 | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.2.102 für die Netzwerkkarte mit der Netzwerkadresse
00216A72C93C wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).

Error - 04.08.2010 05:06:18 | Computer Name = WUNTR007 | Source = NETLOGON | ID = 5719
Description = Es steht kein Domänencontroller für die Domäne DE_WUNSTORF_MIS aus
folgendem Grund zur Verfügung: %%1722. Stellen Sie sicher, dass der Computer mit
dem Netzwerk verbunden ist, und versuchen Sie es erneut. Wenden Sie sich an den Domänenadministrator,
wenn das Problem weiterhin besteht.

Error - 05.08.2010 02:31:41 | Computer Name = WUNTR007 | Source = NETLOGON | ID = 5719
Description = Es steht kein Domänencontroller für die Domäne DE_WUNSTORF_MIS aus
folgendem Grund zur Verfügung: %%1722. Stellen Sie sicher, dass der Computer mit
dem Netzwerk verbunden ist, und versuchen Sie es erneut. Wenden Sie sich an den Domänenadministrator,
wenn das Problem weiterhin besteht.

Error - 05.08.2010 02:37:01 | Computer Name = WUNTR007 | Source = NETLOGON | ID = 5719
Description = Es steht kein Domänencontroller für die Domäne DE_WUNSTORF_MIS aus
folgendem Grund zur Verfügung: %%1311. Stellen Sie sicher, dass der Computer mit
dem Netzwerk verbunden ist, und versuchen Sie es erneut. Wenden Sie sich an den Domänenadministrator,
wenn das Problem weiterhin besteht.

Error - 05.08.2010 03:49:30 | Computer Name = WUNTR007 | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 172.17.0.141 für die Netzwerkkarte mit der Netzwerkadresse
001E330F8707 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).

Error - 05.08.2010 05:16:18 | Computer Name = WUNTR007 | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 172.17.0.141 für die Netzwerkkarte mit der Netzwerkadresse
001E330F8707 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).

Error - 05.08.2010 05:42:21 | Computer Name = WUNTR007 | Source = NETLOGON | ID = 5719
Description = Es steht kein Domänencontroller für die Domäne DE_WUNSTORF_MIS aus
folgendem Grund zur Verfügung: %%1311. Stellen Sie sicher, dass der Computer mit
dem Netzwerk verbunden ist, und versuchen Sie es erneut. Wenden Sie sich an den Domänenadministrator,
wenn das Problem weiterhin besteht.

< End of report >

hmd608 · 05.08.2010, 11:23

Also mein USB Stick scheint jetzt wieder clean zu sein. Nachdem das Tool in bereinigt hatte, fand ich die Datei noch im Recycler Ordner. Jetzt habe ich ihn gekillt. Bleibt noch die Frage wie ich ihn vom Laptop und von meinem PC runterbekomme.

Chris4You · 05.08.2010, 13:13

Hi,

ich brauch nicht nur das File "extras.txt" von OTL sondern auch "OTL.txt", da sind die Startpunkte etc. drin.

Hast Du MAM alles bereinigen lassen? In den vorhergehenden LOG wurde das nicht gemacht (no action taken!), unbedingt nachholen!

Dann bitte ein komplettes neues OTL-Log erstellen und beide Files posten!

chris

hmd608 · 05.08.2010, 14:05

Hi,
das mit der Bereinigung habe ich wirklich verpennt. Hier jetzt nochmal die Ergebnisse. Da die otl.txt über 200kb groß ist splitte ich sie wieder in zwei treats.

OTL logfile created on: 05.08.2010 14:49:07 - Run 3
OTL by OldTimer - Version 3.2.9.1 Folder = c:\Dokumente und Einstellungen\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 75,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 130,90 Gb Free Space | 87,83% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: WUNTR007
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - c:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Huawei Modems\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Programme\McAfee\VirusScan Enterprise\VsTskMgr.exe (McAfee, Inc.)
PRC - c:\Programme\McAfee\Common Framework\naPrdMgr.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.)
PRC - c:\Programme\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
PRC - c:\Programme\McAfee\Common Framework\McTray.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\VirusScan Enterprise\Mcshield.exe (McAfee, Inc.)
PRC - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\VirusScan Enterprise\mfeann.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\VirusScan Enterprise\EngineServer.exe (McAfee, Inc.)
PRC - C:\Programme\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
PRC - C:\Programme\Fujitsu\Mobile Software Suite\Common\UiMdmTip\UIMdmTip.exe (Fujitsu Technology Solutions)
PRC - C:\Programme\Gemeinsame Dateien\Fujitsu\Manageability\HaMDevMg.exe\1.01\HaMDevMg.exe (Fujitsu Technology Solutions)
PRC - C:\Programme\Gemeinsame Dateien\Fujitsu\Manageability\CnMdKHkH.exe\1.01\CnMdKHkH.exe (Fujitsu Technology Solutions)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\EMPIRUM\SETUPSVC.EXE (matrix42 AG)
PRC - C:\Programme\T-Mobile\web'n'walk Manager\AutoUpdateSrv.exe (Birdstep Technology)
PRC - C:\WINDOWS\system32\EMPIRUM\PBackup.exe (matrix42 AG)
PRC - C:\WINDOWS\system32\EMPIRUM\SWDEPOT.EXE (matrix42 AG)
PRC - C:\Programme\Gemeinsame Dateien\GtFlashSwitch\GtFlashSwitch.exe (OptionNV)
PRC - C:\WINDOWS\system32\EMPIRUM\EMPAUTSVC.EXE (matrix42 AG)
PRC - C:\WINDOWS\system32\EMPIRUM\EmpInventory.exe (matrix42 AG)
PRC - C:\Program Files\Lotus\Notes7.0.2\ntmulti.exe (IBM Corp)
PRC - C:\Program Files\Lotus\Notes7.0.2\nsl.exe (IBM Corp)
PRC - C:\Program Files\Lotus\Notes7.0.2\nslsvice.exe (IBM Corp)
PRC - C:\WINDOWS\system32\EMPIRUM\EmpirumRCHost.exe (matrix42 AG)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\Programme\RealVNC\WinVNC\winvnc.exe (RealVNC Ltd.)

========== Modules (SafeList) ==========

MOD - c:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msvcp60.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\mfc42.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\EMPAUT.DLL (matrix42 AG)
MOD - C:\WINDOWS\system32\mfc42loc.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (McTaskManager) -- C:\Programme\McAfee\VirusScan Enterprise\VsTskMgr.exe (McAfee, Inc.)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (McAfeeFramework) -- c:\Programme\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Programme\McAfee\VirusScan Enterprise\Mcshield.exe (McAfee, Inc.)
SRV - (mfevtp) -- C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
SRV - (McAfeeEngineService) -- C:\Programme\McAfee\VirusScan Enterprise\EngineServer.exe (McAfee, Inc.)
SRV - (dsNcService) -- C:\Programme\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
SRV - (HaMDevMg.1.01) -- C:\Programme\Gemeinsame Dateien\Fujitsu\Manageability\HaMDevMg.exe\1.01\HaMDevMg.exe (Fujitsu Technology Solutions)
SRV - (SetupService) -- C:\WINDOWS\system32\EMPIRUM\SETUPSVC.EXE (matrix42 AG)
SRV - (GtFlashSwitch) -- C:\Programme\Gemeinsame Dateien\GtFlashSwitch\GtFlashSwitch.exe (OptionNV)
SRV - (MATRIXAUT) -- C:\WINDOWS\system32\EMPIRUM\EMPAUTSVC.EXE (matrix42 AG)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (Multi-user Cleanup Service) -- C:\program files\lotus\notes7.0.2\ntmulti.exe (IBM Corp)
SRV - (Lotus Notes Single Logon) -- C:\program files\lotus\notes7.0.2\nslsvice.exe (IBM Corp)
SRV - (EmpirumRC_Service) -- C:\WINDOWS\System32\Empirum\EmpirumRCHost.exe (matrix42 AG)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (awhost32) -- C:\Programme\Symantec\pcAnywhere\awhost32.exe (Symantec Corporation)
SRV - (winvnc) -- C:\Programme\RealVNC\WinVNC\WinVNC.exe (RealVNC Ltd.)

========== Driver Services (SafeList) ==========

DRV - (PCASp50) -- C:\WINDOWS\System32\Drivers\PCASp50.sys File not found
DRV - (esgiguard) -- C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV - (SymEvent) -- C:\Programme\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (SniDmi) -- C:\WINDOWS\system32\drivers\snidmi.sys (Fujitsu Siemens Computers)
DRV - (mfehidk) -- C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\WINDOWS\system32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\WINDOWS\system32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\WINDOWS\system32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfetdik) -- C:\WINDOWS\system32\drivers\mfetdik.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\WINDOWS\system32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (NEOFLTR_640_14619) Juniper Networks TDI Filter Driver (NEOFLTR_640_14619) -- C:\WINDOWS\system32\drivers\NEOFLTR_640_14619.sys (Juniper Networks)
DRV - (dsNcAdpt) -- C:\WINDOWS\system32\drivers\dsNcAdpt.sys (Juniper Networks)
DRV - (FscGabi) -- C:\WINDOWS\system32\drivers\FscGabi.sys (Fujitsu Technology Solutions)
DRV - (FSCSLII) -- C:\WINDOWS\system32\drivers\FSCSLII.sys (Fujitsu)
DRV - (NETw5x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (iaStor) -- C:\WINDOWS\system32\drivers\iaStor.sys (Intel Corporation)
DRV - (guardian2) -- C:\WINDOWS\system32\drivers\oz776.sys (O2Micro)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Acceler) -- C:\WINDOWS\system32\drivers\Acceler.sys (ST Microelectronics)
DRV - (stdflt) -- C:\WINDOWS\system32\DRIVERS\stdflt.sys (ST Microelectronics)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (e1yexpress) Intel(R) -- C:\WINDOWS\system32\drivers\e1y5132.sys (Intel Corporation)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (tcpipBM) -- C:\WINDOWS\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (mdvdrv) -- C:\WINDOWS\system32\drivers\mdvdrv.sys ()
DRV - (mdvrmng) -- C:\WINDOWS\system32\drivers\mdvrmng.sys ()
DRV - (IFXTPM) -- C:\WINDOWS\system32\drivers\ifxtpm.sys (Infineon Technologies AG)
DRV - (NWADI) -- C:\WINDOWS\system32\drivers\NWADIenum.sys (Novatel Wireless Inc)
DRV - (dac2w2k) -- C:\WINDOWS\System32\drivers\dac2w2k.sys (Mylex Corporation)
DRV - (ql1280) -- C:\WINDOWS\System32\drivers\ql1280.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\System32\drivers\ql1080.sys (QLogic Corporation)
DRV - (ultra) -- C:\WINDOWS\System32\drivers\ultra.sys (Promise Technology, Inc.)
DRV - (symc8xx) -- C:\WINDOWS\System32\drivers\symc8xx.sys (LSI Logic)
DRV - (sym_u3) -- C:\WINDOWS\System32\drivers\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\System32\drivers\sym_hi.sys (LSI Logic)
DRV - (asc) -- C:\WINDOWS\System32\drivers\asc.sys (Advanced System Products, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\System32\drivers\sparrow.sys (Adaptec, Inc.)
DRV - (mraid35x) -- C:\WINDOWS\System32\drivers\mraid35x.sys (American Megatrends Inc.)
DRV - (symc810) -- C:\WINDOWS\System32\drivers\symc810.sys (Symbios Logic Inc.)
DRV - (asc3550) -- C:\WINDOWS\System32\drivers\asc3550.sys (Advanced System Products, Inc.)
DRV - (AW_HOST) -- C:\WINDOWS\system32\drivers\AW_HOST5.sys (Symantec Corporation)
DRV - (awlegacy) -- C:\WINDOWS\System32\Drivers\awlegacy.sys (Symantec Corporation)
DRV - (Gernuwa) -- C:\WINDOWS\System32\drivers\GERNUWA.sys (Symantec Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vion-Line
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 172.17.*.*;192.168.151.*;vion-line;*.intra;192.168.44.*;172.16.*.*;<local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 81.7.200.82:3128

O1 HOSTS File: ([2010.08.05 09:53:18 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 loc
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - c:\Programme\WebEx\Productivity Tools\ptonecli.dll ()
O3 - HKLM\..\Toolbar: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - c:\Programme\WebEx\Productivity Tools\ptonecli.dll ()
O4 - HKLM..\Run: [_UserEnv] C:\WINDOWS\system32\EMPIRUM\ENV.EXE (matrix42 AG)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [COMImpersonator] C:\Programme\Fujitsu\Mobile Software Suite\Common\UiMdmTip\UIMdmTip.exe (Fujitsu Technology Solutions)
O4 - HKLM..\Run: [DataCardMonitor] C:\Programme\Huawei Modems\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] c:\Programme\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RunSWDepot1] File not found
O4 - HKLM..\Run: [RunSWDepot2] File not found
O4 - HKLM..\Run: [ShStatEXE] c:\Programme\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [WinVNC] C:\Programme\RealVNC\WinVNC\WinVNC.exe (RealVNC Ltd.)
O4 - Startup: c:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Aktualisierungsagent.lnk = C:\Programme\T-Mobile\web'n'walk Manager\AutoUpdateSrv.exe (Birdstep Technology)
O4 - Startup: c:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Inventory.lnk = C:\WINDOWS\system32\EMPIRUM\EmpInventory.exe (matrix42 AG)
O4 - Startup: c:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Personal Backup.lnk = C:\WINDOWS\system32\EMPIRUM\PBackup.exe (matrix42 AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O15 - HKLM\..Trusted Domains: wundm001 ([]file in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF} hxxp://viper.vionfood.local/forms/jinitiator/jinit.exe (JInitiator 1.3.1.28)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://vion-support.webex.com/client/upgradeserver/client/ptool/T27L10NSP11EP15-6316/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://employees.vionfood.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\PCANotify: DllName - PCANotify.dll - C:\WINDOWS\System32\PCANotify.dll (Symantec Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.08.05 09:53:18 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.08.05 11:38:55 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.08.05 12:19:07 | 000,000,000 | --SD | C] -- c:\Dokumente und Einstellungen\Administrator\UserData
[2010.08.05 11:38:55 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010.08.05 11:19:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010.08.05 11:19:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.08.05 10:24:51 | 000,574,976 | ---- | C] (OldTimer Tools) -- c:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe
[2010.08.05 10:21:47 | 000,000,000 | ---D | C] -- c:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes
[2010.08.05 10:21:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.08.05 10:21:26 | 000,000,000 | ---D | C] -- c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.08.05 10:21:25 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.08.05 10:21:24 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.05 10:18:04 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- c:\Dokumente und Einstellungen\Administrator\Desktop\mbam-setup.exe
[2010.08.05 09:53:07 | 000,000,000 | ---D | C] -- C:\Programme\Enigma Software Group
[2010.08.05 09:52:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\95431C66CF9A4913BFFF6050785AFB65.TMP
[2010.08.05 09:52:48 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
[2010.08.05 09:43:21 | 000,662,872 | ---- | C] (Enigma Software Group USA, LLC.) -- c:\Dokumente und Einstellungen\Administrator\Desktop\SpyHunter-Installer.exe
[2010.08.05 09:06:06 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro
[2010.08.05 09:05:53 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- c:\Dokumente und Einstellungen\Administrator\Desktop\HJTInstall.exe
[2010.08.04 15:32:01 | 000,000,000 | ---D | C] -- c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft
[2010.08.04 13:27:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010.08.04 12:32:42 | 000,116,736 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2010.08.04 12:32:39 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2010.08.04 12:32:34 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2010.08.04 12:32:30 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2010.08.04 12:32:27 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2010.08.04 12:32:26 | 000,019,455 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2010.08.04 12:32:23 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2010.08.04 12:32:23 | 000,012,063 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2010.08.04 12:32:09 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys
[2010.08.04 12:32:08 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2010.08.04 12:32:05 | 000,035,402 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2010.08.04 12:31:56 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2010.08.04 12:31:52 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2010.08.04 12:31:50 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2010.08.04 12:31:45 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2010.08.04 12:31:45 | 000,023,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2010.08.04 12:31:44 | 000,032,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2010.08.04 12:31:42 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2010.08.04 12:31:40 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\watv10nt.sys
[2010.08.04 12:31:40 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\watv06nt.sys
[2010.08.04 12:31:39 | 000,033,599 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2010.08.04 12:31:39 | 000,019,551 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2010.08.04 12:31:38 | 000,029,311 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2010.08.04 12:31:37 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv11nt.sys
[2010.08.04 12:31:37 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv09nt.sys
[2010.08.04 12:31:37 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv08nt.sys
[2010.08.04 12:31:36 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv07nt.sys
[2010.08.04 12:31:36 | 000,011,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2010.08.04 12:31:35 | 000,012,415 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2010.08.04 12:31:35 | 000,012,127 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2010.08.04 12:31:34 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wacompen.sys
[2010.08.04 12:31:30 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2010.08.04 12:31:28 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2010.08.04 12:31:25 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2010.08.04 12:31:21 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2010.08.04 12:31:18 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2010.08.04 12:31:11 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2010.08.04 12:31:08 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2010.08.04 12:31:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2010.08.04 12:31:05 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2010.08.04 12:31:04 | 000,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaagp.sys
[2010.08.04 12:31:04 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaide.sys
[2010.08.04 12:31:03 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2010.08.04 12:31:02 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\vchnt5.dll
[2010.08.04 12:30:59 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2010.08.04 12:30:56 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2010.08.04 12:30:53 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2010.08.04 12:30:51 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2010.08.04 12:30:48 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2010.08.04 12:30:45 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2010.08.04 12:30:43 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2010.08.04 12:30:40 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2010.08.04 12:30:39 | 000,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2010.08.04 12:30:39 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2010.08.04 12:30:38 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2010.08.04 12:30:38 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbohci.sys
[2010.08.04 12:30:38 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2010.08.04 12:30:37 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2010.08.04 12:30:36 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2010.08.04 12:30:35 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2010.08.04 12:30:30 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2010.08.04 12:30:28 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2010.08.04 12:30:25 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2010.08.04 12:30:23 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2010.08.04 12:30:20 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2010.08.04 12:30:18 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2010.08.04 12:30:15 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2010.08.04 12:30:13 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2010.08.04 12:30:10 | 000,212,480 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2010.08.04 12:30:08 | 000,216,576 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2010.08.04 12:30:06 | 000,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uagp35.sys
[2010.08.04 12:30:04 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2010.08.04 12:29:54 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2010.08.04 12:29:51 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2010.08.04 12:29:49 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2010.08.04 12:29:46 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2010.08.04 12:29:44 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2010.08.04 12:29:42 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2010.08.04 12:29:39 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2010.08.04 12:29:36 | 000,043,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2010.08.04 12:29:35 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2010.08.04 12:29:33 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2010.08.04 12:29:29 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys
[2010.08.04 12:29:27 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2010.08.04 12:29:25 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2010.08.04 12:29:22 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2010.08.04 12:29:18 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2010.08.04 12:29:14 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2010.08.04 12:29:12 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2010.08.04 12:29:11 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2010.08.04 12:29:08 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2010.08.04 12:29:05 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2010.08.04 12:29:01 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2010.08.04 12:28:57 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2010.08.04 12:28:55 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2010.08.04 12:28:52 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2010.08.04 12:28:47 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2010.08.04 12:28:44 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2010.08.04 12:28:42 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2010.08.04 12:28:40 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2010.08.04 12:28:38 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2010.08.04 12:28:36 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2010.08.04 12:28:33 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2010.08.04 12:28:32 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2010.08.04 12:28:30 | 000,159,744 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2010.08.04 12:28:28 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2010.08.04 12:28:25 | 000,287,232 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2010.08.04 12:28:22 | 000,017,152 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2010.08.04 12:28:17 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2010.08.04 12:28:14 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2010.08.04 12:28:10 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2010.08.04 12:28:05 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2010.08.04 12:28:03 | 000,110,680 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2010.08.04 12:28:00 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2010.08.04 12:27:58 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2010.08.04 12:27:56 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2010.08.04 12:27:54 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2010.08.04 12:27:52 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2010.08.04 12:27:51 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2010.08.04 12:27:48 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2010.08.04 12:27:40 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2010.08.04 12:27:37 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2010.08.04 12:27:35 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2010.08.04 12:27:32 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2010.08.04 12:27:30 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2010.08.04 12:27:28 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2010.08.04 12:27:27 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2010.08.04 12:27:27 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2010.08.04 12:27:27 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbali.sys
[2010.08.04 12:27:24 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2010.08.04 12:27:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2010.08.04 12:27:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2010.08.04 12:27:17 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2010.08.04 12:27:14 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slserv.exe
[2010.08.04 12:27:14 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slwdmsup.sys
[2010.08.04 12:27:13 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slntamr.sys
[2010.08.04 12:27:13 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slnthal.sys
[2010.08.04 12:27:13 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slrundll.exe
[2010.08.04 12:27:12 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slgen.dll
[2010.08.04 12:27:12 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slnt7554.sys
[2010.08.04 12:27:12 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2010.08.04 12:27:11 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slextspk.dll
[2010.08.04 12:27:11 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slcoinst.dll
[2010.08.04 12:27:10 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2010.08.04 12:27:08 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2010.08.04 12:27:06 | 000,095,178 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2010.08.04 12:27:04 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2010.08.04 12:27:01 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2010.08.04 12:27:01 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2010.08.04 12:26:59 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2010.08.04 12:26:56 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2010.08.04 12:26:56 | 000,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisagp.sys
[2010.08.04 12:26:54 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2010.08.04 12:26:52 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2010.08.04 12:26:49 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2010.08.04 12:26:47 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2010.08.04 12:26:46 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\siint5.dll
[2010.08.04 12:26:39 | 000,161,888 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2010.08.04 12:26:36 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2010.08.04 12:26:34 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2010.08.04 12:26:32 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2010.08.04 12:26:30 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2010.08.04 12:26:25 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2010.08.04 12:26:23 | 000,018,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2010.08.04 12:26:13 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2010.08.04 12:26:13 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2010.08.04 12:26:10 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2010.08.04 12:26:07 | 000,017,792 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2010.08.04 12:26:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2010.08.04 12:26:02 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2010.08.04 12:26:00 | 000,024,192 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2010.08.04 12:25:59 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2010.08.04 12:25:57 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2010.08.04 12:25:53 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2010.08.04 12:25:51 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2010.08.04 12:25:49 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2010.08.04 12:25:47 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2010.08.04 12:25:45 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2010.08.04 12:25:43 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2010.08.04 12:25:40 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2010.08.04 12:25:38 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2010.08.04 12:25:36 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2010.08.04 12:25:34 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2010.08.04 12:25:32 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2010.08.04 12:25:30 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2010.08.04 12:25:29 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3gnb.dll
[2010.08.04 12:25:29 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3gnbm.sys
[2010.08.04 12:25:27 | 000,083,968 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2010.08.04 12:25:25 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2010.08.04 12:25:23 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2010.08.04 12:25:23 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2010.08.04 12:25:20 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2010.08.04 12:25:18 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2010.08.04 12:25:15 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2010.08.04 12:25:12 | 000,010,752 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2010.08.04 12:25:09 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2010.08.04 12:25:06 | 000,079,360 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2010.08.04 12:25:06 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rndismpx.sys
[2010.08.04 12:25:03 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2010.08.04 12:24:55 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\recagent.sys
[2010.08.04 12:24:50 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2010.08.04 12:24:46 | 000,715,242 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2010.08.04 12:24:44 | 000,899,658 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2010.08.04 12:24:41 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2010.08.04 12:24:39 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2010.08.04 12:24:34 | 000,045,312 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql12160.sys
[2010.08.04 12:24:33 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2010.08.04 12:24:30 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2010.08.04 12:24:28 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2010.08.04 12:24:26 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2010.08.04 12:24:25 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2010.08.04 12:24:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2010.08.04 12:24:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2010.08.04 12:24:17 | 000,016,384 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2010.08.04 12:24:14 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2010.08.04 12:24:12 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2010.08.04 12:24:12 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2010.08.04 12:24:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2010.08.04 12:24:03 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2010.08.04 12:24:00 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2010.08.04 12:23:58 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2010.08.04 12:23:56 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2010.08.04 12:23:54 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2010.08.04 12:23:52 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2010.08.04 12:23:50 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2010.08.04 12:23:49 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) --

hmd608 · 05.08.2010, 14:08

C:\WINDOWS\System32\dllcache\perm3dd.dll
[2010.08.04 12:23:48 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2010.08.04 12:23:48 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2010.08.04 12:23:48 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2010.08.04 12:23:45 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys
[2010.08.04 12:23:44 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2010.08.04 12:23:42 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2010.08.04 12:23:40 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2010.08.04 12:23:38 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2010.08.04 12:23:36 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2010.08.04 12:23:34 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2010.08.04 12:23:32 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pciide.sys
[2010.08.04 12:23:31 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2010.08.04 12:23:29 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2010.08.04 12:23:19 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2010.08.04 12:23:17 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2010.08.04 12:23:14 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2010.08.04 12:23:12 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2010.08.04 12:23:10 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2010.08.04 12:23:08 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2010.08.04 12:23:06 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2010.08.04 12:23:04 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2010.08.04 12:23:02 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2010.08.04 12:23:00 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2010.08.04 12:22:58 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2010.08.04 12:22:55 | 000,054,730 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2010.08.04 12:22:51 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2010.08.04 12:22:49 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2010.08.04 12:22:44 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2010.08.04 12:22:43 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_disp.dll
[2010.08.04 12:22:41 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2010.08.04 12:22:39 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2010.08.04 12:22:37 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\ntmtlfax.sys
[2010.08.04 12:22:33 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2010.08.04 12:22:29 | 000,009,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2010.08.04 12:22:27 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2010.08.04 12:22:26 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2010.08.04 12:22:22 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2010.08.04 12:22:20 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2010.08.04 12:22:17 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2010.08.04 12:22:13 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2010.08.04 12:22:09 | 000,065,406 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2010.08.04 12:22:06 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2010.08.04 12:22:04 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2010.08.04 12:22:02 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2010.08.04 12:22:02 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2010.08.04 12:21:59 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2010.08.04 12:21:57 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2010.08.04 12:21:55 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2010.08.04 12:21:53 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2010.08.04 12:21:51 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2010.08.04 12:21:50 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2010.08.04 12:21:48 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2010.08.04 12:21:46 | 000,130,048 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2010.08.04 12:21:43 | 000,053,279 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2010.08.04 12:21:41 | 000,076,288 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2010.08.04 12:21:39 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2010.08.04 12:21:37 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2010.08.04 12:21:35 | 000,020,480 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2010.08.04 12:21:33 | 000,022,144 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2010.08.04 12:21:33 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mutohpen.sys
[2010.08.04 12:21:30 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mtxparhm.sys
[2010.08.04 12:21:30 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2010.08.04 12:21:29 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mtxparhd.dll
[2010.08.04 12:21:29 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2010.08.04 12:21:28 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\mtlstrm.sys
[2010.08.04 12:21:27 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\mtlmnt5.sys
[2010.08.04 12:21:22 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2010.08.04 12:21:21 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2010.08.04 12:21:17 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2010.08.04 12:21:11 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2010.08.04 12:21:10 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2010.08.04 12:21:03 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2010.08.04 12:21:00 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2010.08.04 12:20:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2010.08.04 12:20:52 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2010.08.04 12:20:48 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2010.08.04 12:20:43 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2010.08.04 12:20:38 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2010.08.04 12:20:36 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2010.08.04 12:20:35 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2010.08.04 12:20:33 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2010.08.04 12:20:31 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2010.08.04 12:20:28 | 000,164,970 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2010.08.04 12:20:25 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2010.08.04 12:20:22 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2010.08.04 12:20:20 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2010.08.04 12:20:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2010.08.04 12:20:16 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2010.08.04 12:20:16 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2010.08.04 12:20:13 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2010.08.04 12:20:11 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2010.08.04 12:20:11 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2010.08.04 12:20:10 | 000,422,016 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2010.08.04 12:20:08 | 000,607,196 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2010.08.04 12:20:08 | 000,577,226 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2010.08.04 12:20:06 | 000,728,298 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2010.08.04 12:20:03 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2010.08.04 12:19:59 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2010.08.04 12:19:57 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2010.08.04 12:19:55 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2010.08.04 12:19:53 | 000,016,256 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2010.08.04 12:19:52 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010.08.04 12:19:50 | 000,026,506 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2010.08.04 12:19:48 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2010.08.04 12:19:48 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2010.08.04 12:19:47 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2010.08.04 12:19:46 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2010.08.04 12:19:44 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2010.08.04 12:19:42 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2010.08.04 12:19:41 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2010.08.04 12:19:35 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2010.08.04 12:19:33 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2010.08.04 12:19:30 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2010.08.04 12:19:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2010.08.04 12:19:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2010.08.04 12:19:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2010.08.04 12:19:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2010.08.04 12:19:16 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2010.08.04 12:19:14 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2010.08.04 12:19:12 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2010.08.04 12:19:12 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2010.08.04 12:19:11 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irbus.sys
[2010.08.04 12:19:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2010.08.04 12:19:06 | 000,045,632 | ---- | C] (Interphase (R) Corporation a Windows (R) 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2010.08.04 12:19:04 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2010.08.04 12:19:03 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2010.08.04 12:19:01 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelide.sys
[2010.08.04 12:18:59 | 000,013,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2010.08.04 12:18:42 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2010.08.04 12:18:40 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2010.08.04 12:18:38 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2010.08.04 12:18:37 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2010.08.04 12:18:35 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2010.08.04 12:18:33 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2010.08.04 12:18:32 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2010.08.04 12:18:30 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2010.08.04 12:18:28 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2010.08.04 12:18:26 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2010.08.04 12:18:25 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2010.08.04 12:18:23 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2010.08.04 12:18:21 | 000,010,240 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2010.08.04 12:18:20 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2010.08.04 12:18:18 | 000,702,845 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2010.08.04 12:18:18 | 000,161,020 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2010.08.04 12:18:16 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2010.08.04 12:18:15 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2010.08.04 12:18:14 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2010.08.04 12:18:00 | 001,041,536 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfdpsp2.sys
[2010.08.04 12:18:00 | 000,685,056 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfcxts2.sys
[2010.08.04 12:17:59 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfcisp2.dll
[2010.08.04 12:17:58 | 000,220,032 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfbs2s2.sys
[2010.08.04 12:17:57 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2010.08.04 12:17:55 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2010.08.04 12:17:53 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2010.08.04 12:17:52 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2010.08.04 12:17:50 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2010.08.04 12:17:48 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2010.08.04 12:17:47 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2010.08.04 12:17:45 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2010.08.04 12:17:43 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2010.08.04 12:17:42 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2010.08.04 12:17:40 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2010.08.04 12:17:39 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2010.08.04 12:17:37 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2010.08.04 12:17:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2010.08.04 12:17:33 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2010.08.04 12:17:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2010.08.04 12:17:29 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2010.08.04 12:17:28 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2010.08.04 12:17:26 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2010.08.04 12:17:23 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2010.08.04 12:17:20 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2010.08.04 12:17:17 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2010.08.04 12:17:13 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2010.08.04 12:17:10 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2010.08.04 12:17:07 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2010.08.04 12:17:07 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2010.08.04 12:17:06 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidir.sys
[2010.08.04 12:17:05 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2010.08.04 12:17:04 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbth.sys
[2010.08.04 12:17:04 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2010.08.04 12:17:00 | 000,908,352 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2010.08.04 12:16:58 | 000,028,672 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2010.08.04 12:16:57 | 000,082,560 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2010.08.04 12:16:55 | 000,017,792 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2010.08.04 12:16:53 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2010.08.04 12:16:53 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2010.08.04 12:16:52 | 000,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gagp30kx.sys
[2010.08.04 12:16:51 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2010.08.04 12:16:49 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2010.08.04 12:16:48 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2010.08.04 12:16:46 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2010.08.04 12:16:45 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2010.08.04 12:16:36 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2010.08.04 12:16:35 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2010.08.04 12:16:34 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2010.08.04 12:16:30 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2010.08.04 12:16:28 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2010.08.04 12:16:26 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2010.08.04 12:16:25 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2010.08.04 12:16:23 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2010.08.04 12:16:20 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2010.08.04 12:16:16 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2010.08.04 12:16:13 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2010.08.04 12:16:12 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2010.08.04 12:16:11 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2010.08.04 12:16:09 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2010.08.04 12:16:07 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2010.08.04 12:16:06 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2010.08.04 12:16:02 | 000,046,080 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2010.08.04 12:16:00 | 000,046,080 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2010.08.04 12:15:59 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2010.08.04 12:15:55 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2010.08.04 12:15:55 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2010.08.04 12:15:53 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2010.08.04 12:15:51 | 000,347,870 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2010.08.04 12:15:50 | 000,594,558 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2010.08.04 12:15:48 | 000,595,999 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2010.08.04 12:15:47 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2010.08.04 12:15:45 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2010.08.04 12:15:44 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2010.08.04 12:15:43 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2010.08.04 12:15:41 | 000,062,464 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2010.08.04 12:15:40 | 000,052,224 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2010.08.04 12:15:38 | 000,053,760 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2010.08.04 12:15:36 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2010.08.04 12:15:35 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2010.08.04 12:15:34 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2010.08.04 12:15:33 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2010.08.04 12:15:32 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2010.08.04 12:15:29 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2010.08.04 12:15:28 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2010.08.04 12:15:27 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2010.08.04 12:15:26 | 000,176,128 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2010.08.04 12:15:25 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2010.08.04 12:15:24 | 000,455,711 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2010.08.04 12:15:23 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2010.08.04 12:15:22 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2010.08.04 12:15:21 | 000,241,270 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2010.08.04 12:15:20 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2010.08.04 12:15:19 | 000,634,198 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2010.08.04 12:15:18 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2010.08.04 12:15:17 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2010.08.04 12:15:16 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2010.08.04 12:15:16 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2010.08.04 12:15:15 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2010.08.04 12:15:14 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2010.08.04 12:15:06 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2010.08.04 12:15:05 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2010.08.04 12:15:04 | 000,051,743 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2010.08.04 12:15:00 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2010.08.04 12:14:59 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2010.08.04 12:14:54 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2010.08.04 12:14:53 | 000,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2010.08.04 12:14:53 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2010.08.04 12:14:52 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2010.08.04 12:14:51 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2010.08.04 12:14:46 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2010.08.04 12:14:46 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2010.08.04 12:14:45 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2010.08.04 12:14:44 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2010.08.04 12:14:41 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2010.08.04 12:14:40 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2010.08.04 12:14:38 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2010.08.04 12:14:37 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2010.08.04 12:14:36 | 000,626,717 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2010.08.04 12:14:35 | 000,042,880 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2010.08.04 12:14:34 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2010.08.04 12:14:33 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2010.08.04 12:14:32 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2010.08.04 12:14:32 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2010.08.04 12:14:31 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2010.08.04 12:14:30 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2010.08.04 12:14:29 | 000,090,717 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2010.08.04 12:14:27 | 000,103,524 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2010.08.04 12:14:26 | 000,135,252 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2010.08.04 12:14:26 | 000,038,087 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2010.08.04 12:14:25 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2010.08.04 12:14:22 | 000,424,477 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2010.08.04 12:14:21 | 000,029,851 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2010.08.04 12:14:20 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2010.08.04 12:14:19 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2010.08.04 12:14:18 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2010.08.04 12:14:17 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2010.08.04 12:14:16 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2010.08.04 12:14:15 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2010.08.04 12:14:14 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2010.08.04 12:14:13 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2010.08.04 12:14:12 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2010.08.04 12:14:12 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2010.08.04 12:14:11 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2010.08.04 12:14:06 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2010.08.04 12:14:05 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2010.08.04 12:14:04 | 000,050,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2010.08.04 12:14:03 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2010.08.04 12:14:03 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2010.08.04 12:14:02 | 000,051,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2010.08.04 12:14:01 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2010.08.04 12:14:00 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2010.08.04 12:13:59 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2010.08.04 12:13:59 | 000,017,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2010.08.04 12:13:58 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2010.08.04 12:13:58 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2010.08.04 12:13:57 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2010.08.04 12:13:56 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2010.08.04 12:13:55 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2010.08.04 12:13:54 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2010.08.04 12:13:54 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2010.08.04 12:13:53 | 000,252,928 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2010.08.04 12:13:53 | 000,096,256 | ---- | C] (Copyright (C) Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2010.08.04 12:13:52 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2010.08.04 12:13:51 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2010.08.04 12:13:50 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2010.08.04 12:13:48 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2010.08.04 12:13:47 | 000,216,576 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2010.08.04 12:13:46 | 000,061,130 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2010.08.04 12:13:45 | 000,022,045 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2010.08.04 12:13:39 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2010.08.04 12:13:38 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2010.08.04 12:13:35 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys
[2010.08.04 12:13:34 | 000,020,864 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2010.08.04 12:13:32 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2010.08.04 12:13:31 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2010.08.04 12:13:31 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2010.08.04 12:13:30 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2010.08.04 12:13:30 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2010.08.04 12:13:28 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2010.08.04 12:13:27 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2010.08.04 12:13:21 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010.08.04 12:13:20 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\ch7xxnt5.dll
[2010.08.04 12:13:19 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2010.08.04 12:13:18 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2010.08.04 12:13:17 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2010.08.04 12:13:17 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2010.08.04 12:13:16 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2010.08.04 12:13:15 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2010.08.04 12:13:14 | 000,715,210 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2010.08.04 12:13:14 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2010.08.04 12:13:13 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2010.08.04 12:13:13 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2010.08.04 12:13:12 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2010.08.04 12:13:11 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2010.08.04 12:13:10 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2010.08.04 12:13:09 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2010.08.04 12:13:09 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2010.08.04 12:13:09 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2010.08.04 12:13:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2010.08.04 12:13:08 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2010.08.04 12:13:07 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2010.08.04 12:13:07 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2010.08.04 12:13:06 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2010.08.04 12:12:54 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2010.08.04 12:12:53 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthmodem.sys
[2010.08.04 12:12:53 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthprint.sys
[2010.08.04 12:12:52 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2010.08.04 12:12:52 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2010.08.04 12:12:52 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2010.08.04 12:12:51 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2010.08.04 12:12:51 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2010.08.04 12:12:50 | 000,039,808 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2010.08.04 12:12:50 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2010.08.04 12:12:49 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2010.08.04 12:12:48 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2010.08.04 12:12:48 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2010.08.04 12:12:47 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2010.08.04 12:12:47 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2010.08.04 12:12:46 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2010.08.04 12:12:46 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2010.08.04 12:12:46 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2010.08.04 12:12:45 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2010.08.04 12:12:45 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2010.08.04 12:12:44 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2010.08.04 12:12:44 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2010.08.04 12:12:42 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2010.08.04 12:12:41 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2010.08.04 12:12:41 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2010.08.04 12:12:41 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2010.08.04 12:12:41 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2010.08.04 12:12:40 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2010.08.04 12:12:40 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2010.08.04 12:12:37 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2010.08.04 12:12:37 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2010.08.04 12:12:36 | 000,097,440 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2010.08.04 12:12:36 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2010.08.04 12:12:36 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2010.08.04 12:12:35 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2010.08.04 12:12:35 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2010.08.04 12:12:34 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2010.08.04 12:12:33 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2010.08.04 12:12:33 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2010.08.04 12:12:32 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2010.08.04 12:12:30 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\atv10nt5.dll
[2010.08.04 12:12:29 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\atv04nt5.dll
[2010.08.04 12:12:29 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\atv06nt5.dll
[2010.08.04 12:12:28 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\atv01nt5.dll
[2010.08.04 12:12:28 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\atv02nt5.dll
[2010.08.04 12:12:25 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ativvaxx.dll
[2010.08.04 12:12:24 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativtmxx.dll
[2010.08.04 12:12:23 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativmvxx.ax
[2010.08.04 12:12:22 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativdaxx.ax
[2010.08.04 12:12:20 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2010.08.04 12:12:20 | 000,070,784 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2010.08.04 12:12:19 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinxsxx.sys
[2010.08.04 12:12:19 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinxbxx.sys
[2010.08.04 12:12:18 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atintuxx.sys
[2010.08.04 12:12:18 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinttxx.sys
[2010.08.04 12:12:17 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinrvxx.sys
[2010.08.04 12:12:17 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinsnxx.sys
[2010.08.04 12:12:16 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinbtxx.sys
[2010.08.04 12:12:16 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinraxx.sys
[2010.08.04 12:12:16 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinpdxx.sys
[2010.08.04 12:12:16 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinmdxx.sys
[2010.08.04 12:12:15 | 000,281,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2010.08.04 12:12:15 | 000,075,392 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2010.08.04 12:12:14 | 000,289,920 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2010.08.04 12:12:14 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2010.08.04 12:12:13 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2010.08.04 12:12:13 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2010.08.04 12:12:13 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2010.08.04 12:12:12 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3duag.dll
[2010.08.04 12:12:11 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3d1ag.dll
[2010.08.04 12:12:11 | 000,701,952 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys
[2010.08.04 12:12:10 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtaa.sys
[2010.08.04 12:12:10 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvag.dll
[2010.08.04 12:12:09 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvaa.dll
[2010.08.04 12:12:09 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2cqag.dll
[2010.08.04 12:12:09 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1xsxx.sys
[2010.08.04 12:12:09 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1xbxx.sys
[2010.08.04 12:12:08 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1tuxx.sys
[2010.08.04 12:12:08 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1ttxx.sys
[2010.08.04 12:12:07 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1rvxx.sys
[2010.08.04 12:12:07 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1raxx.sys
[2010.08.04 12:12:07 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1snxx.sys
[2010.08.04 12:12:07 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1pdxx.sys
[2010.08.04 12:12:06 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1btxx.sys
[2010.08.04 12:12:06 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1mdxx.sys
[2010.08.04 12:12:05 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2010.08.04 12:12:05 | 000,077,824 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2010.08.04 12:12:04 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2010.08.04 12:12:01 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2010.08.04 12:12:00 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2010.08.04 12:11:59 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\dllcache\amdagp.sys
[2010.08.04 12:11:59 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2010.08.04 12:11:58 | 000,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\alim1541.sys
[2010.08.04 12:11:58 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2010.08.04 12:11:58 | 000,005,248 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\aliide.sys
[2010.08.04 12:11:57 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2010.08.04 12:11:54 | 000,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agpcpq.sys
[2010.08.04 12:11:54 | 000,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agp440.sys
[2010.08.04 12:11:52 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2010.08.04 12:11:51 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\adv11nt5.dll
[2010.08.04 12:11:51 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\adv09nt5.dll
[2010.08.04 12:11:50 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\adv07nt5.dll
[2010.08.04 12:11:50 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\adv08nt5.dll
[2010.08.04 12:11:49 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\adv02nt5.dll
[2010.08.04 12:11:49 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\adv05nt5.dll
[2010.08.04 12:11:48 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\dllcache\adv01nt5.dll
[2010.08.04 12:11:46 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2010.08.04 12:11:46 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2010.08.04 12:11:45 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2010.08.04 12:11:44 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2010.08.04 12:11:44 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2010.08.04 12:11:44 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2010.08.04 12:11:44 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2010.08.04 12:11:42 | 000,061,952 | ---- | C] (Farb-Flachbett-Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2010.08.04 12:11:41 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2010.08.04 12:11:41 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2010.08.04 12:11:41 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2010.08.04 12:11:40 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2010.08.04 12:11:39 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2010.08.04 12:11:39 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2010.08.04 12:11:39 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2010.08.04 12:11:38 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2010.08.04 12:11:38 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2010.08.04 12:11:38 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2010.08.04 12:11:37 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2010.08.04 12:11:37 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2010.08.04 12:11:37 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2010.08.04 12:11:14 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2010.07.29 15:30:45 | 000,065,536 | ---- | C] (DameWare Development LLC) -- C:\WINDOWS\System32\DWRCShell.DLL
[2010.07.29 14:51:53 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.07.29 12:36:17 | 000,000,000 | RHSD | C] -- C:\WINDOWS\install
[2010.07.29 11:46:13 | 000,000,000 | ---D | C] -- C:\Programme\MISDATA Systeme
[2010.07.29 11:40:58 | 000,000,000 | ---D | C] -- C:\Programme\VION IT Services
[2010.07.29 11:40:47 | 000,000,000 | ---D | C] -- C:\Programme\MMC
[2010.07.16 14:05:04 | 000,000,000 | ---D | C] -- c:\Dokumente und Einstellungen\Administrator\Oracle Jar Cache
[2010.07.16 14:05:03 | 000,000,000 | ---D | C] -- c:\Dokumente und Einstellungen\Administrator\.jinit
[2010.07.16 14:04:50 | 000,045,164 | ---- | C] (Oracle) -- C:\WINDOWS\System32\plugincpl13128.cpl
[2010.07.16 14:04:36 | 000,000,000 | ---D | C] -- C:\Programme\Oracle
[2010.07.14 15:23:24 | 000,000,000 | ---D | C] -- C:\swsetup
[2010.07.13 15:03:49 | 000,000,000 | ---D | C] -- c:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\ICAClient
[2010.07.13 14:51:35 | 000,000,000 | ---D | C] -- C:\Programme\Citrix
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.08.05 14:46:39 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.05 14:46:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.08.05 14:45:49 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010.08.05 14:45:48 | 001,835,008 | -H-- | M] () -- c:\Dokumente und Einstellungen\Administrator\NTUSER.DAT
[2010.08.05 14:45:48 | 000,000,190 | -HS- | M] () -- c:\Dokumente und Einstellungen\Administrator\ntuser.ini
[2010.08.05 11:24:18 | 000,132,597 | ---- | M] () -- c:\Dokumente und Einstellungen\Administrator\Desktop\Flash_Disinfector.exe
[2010.08.05 10:25:01 | 000,574,976 | ---- | M] (OldTimer Tools) -- c:\Dokumente und Einstellungen\Administrator\Desktop\OTL.exe
[2010.08.05 10:21:36 | 000,000,682 | ---- | M] () -- c:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.05 10:20:53 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- c:\Dokumente und Einstellungen\Administrator\Desktop\mbam-setup.exe
[2010.08.05 09:53:18 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2010.08.05 09:43:23 | 000,662,872 | ---- | M] (Enigma Software Group USA, LLC.) -- c:\Dokumente und Einstellungen\Administrator\Desktop\SpyHunter-Installer.exe
[2010.08.05 09:06:06 | 000,001,704 | ---- | M] () -- c:\Dokumente und Einstellungen\Administrator\Desktop\HijackThis.lnk
[2010.08.05 09:06:02 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- c:\Dokumente und Einstellungen\Administrator\Desktop\HJTInstall.exe
[2010.08.05 08:49:48 | 001,023,972 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.08.05 08:49:48 | 000,442,260 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.08.05 08:49:48 | 000,426,404 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.08.05 08:49:48 | 000,078,016 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.08.05 08:49:48 | 000,065,414 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.08.05 08:46:56 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.08.05 08:46:14 | 000,061,231 | ---- | M] () -- c:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\SQLite3.dll
[2010.08.04 11:04:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.07.29 11:42:04 | 000,001,658 | ---- | M] () -- c:\Dokumente und Einstellungen\All Users\Desktop\VION MMC.lnk
[2010.07.16 15:28:07 | 000,005,140 | ---- | M] () -- c:\Dokumente und Einstellungen\Administrator\jinitiator13128.trace
[2010.07.13 09:00:42 | 004,007,666 | ---- | M] (Axialis Software) -- C:\WINDOWS\System32\screensaver_VION_alternative.scr
[2010.07.13 09:00:22 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.07.13 09:00:22 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.08.05 11:24:16 | 000,132,597 | ---- | C] () -- c:\Dokumente und Einstellungen\Administrator\Desktop\Flash_Disinfector.exe
[2010.08.05 10:21:36 | 000,000,682 | ---- | C] () -- c:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.05 09:53:18 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2010.08.05 09:06:06 | 000,001,704 | ---- | C] () -- c:\Dokumente und Einstellungen\Administrator\Desktop\HijackThis.lnk
[2010.08.05 08:46:14 | 000,061,231 | ---- | C] () -- c:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\SQLite3.dll
[2010.08.04 15:37:56 | 000,000,470 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.08.04 12:32:39 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2010.08.04 12:32:36 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2010.08.04 12:25:01 | 000,086,097 | ---- | C] () -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2010.08.04 12:24:22 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2010.08.04 12:24:20 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2010.08.04 12:22:53 | 000,044,105 | ---- | C] () -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2010.08.04 12:21:00 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2010.08.04 12:17:24 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2010.08.04 12:17:21 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2010.08.04 12:17:18 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2010.08.04 12:17:15 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2010.08.04 12:17:12 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2010.08.04 12:14:43 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2010.08.04 12:14:42 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2010.08.04 12:14:42 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2010.08.04 12:14:39 | 000,031,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2010.08.04 12:12:26 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2010.08.04 12:12:26 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2010.08.04 12:12:24 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2010.08.04 12:12:23 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2010.08.04 12:12:22 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2010.08.04 12:12:22 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2010.08.04 12:12:21 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2010.08.04 12:12:21 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2010.08.04 12:12:20 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2010.08.04 12:12:12 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2010.07.29 11:42:04 | 000,001,658 | ---- | C] () -- c:\Dokumente und Einstellungen\All Users\Desktop\VION MMC.lnk
[2010.07.16 14:05:03 | 000,005,140 | ---- | C] () -- c:\Dokumente und Einstellungen\Administrator\jinitiator13128.trace
[2010.07.16 14:04:37 | 000,036,962 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2010.05.17 10:07:44 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\mdvrmng.sys
[2010.05.17 10:07:16 | 000,115,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\mdvdrv.sys
[2010.01.13 11:49:07 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.01.13 11:47:39 | 000,000,027 | ---- | C] () -- C:\WINDOWS\notes.ini
[2010.01.13 11:31:23 | 000,000,206 | ---- | C] () -- C:\WINDOWS\hbcikrnl.ini
[2010.01.13 11:27:16 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4990.dll
[2007.10.22 08:53:12 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\RemoveDevice.dll
< End of report >

Fehlermeldung beim Start "Cbhd hat Fehler verursacht"

Log-Analyse und Auswertung: Fehlermeldung beim Start "Cbhd hat Fehler verursacht"