TR/Trash.Gen[Trojan]

gradesbrett · 06.01.2011, 15:22

Hallo,
Antivir hat gerade bei mir 3 Mail den TR/Trash.Gen Trojaner entdeckt. Malwarebytes findet den nicht... Wie bekomme ich den wieder weg? Ich mache auch Online-Banking und habe nun angst mich dort einzuloggen.

HijackThis hat diese Logfile gemacht:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:15:13, on 06.01.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\Programme\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Intel\Wireless\Bin\OProtSvc.exe
C:\Programme\Avira\AntiVir Desktop\avshadow.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Launch Manager\LaunchAp.exe
C:\Programme\Launch Manager\HotkeyApp.exe
C:\Programme\Launch Manager\OSD.exe
C:\Programme\Launch Manager\Wbutton.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programme\Intel\Wireless\Bin\EOUWiz.exe
C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe
C:\Programme\Home Cinema\PowerCinema\PCMService.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\Programme\Winamp\winampa.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Outlook Express\msimn.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Java\jre6\bin\java.exe
C:\Dokumente und Einstellungen\Sven\Lokale Einstellungen\Temporary Internet Files\Content.IE5\ITS1H54I\HiJackThis204[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LaunchAp] C:\Programme\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Programme\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Programme\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Programme\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [CtrlVol] C:\Programme\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Programme\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Check for TWS Updates.lnk = C:\Programme\Traderworkstation\WiseUpdt.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Senden an &Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Programme\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Programme\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

cosinus · 06.01.2011, 17:35

Zitat:

Antivir hat gerade bei mir 3 Mail den TR/Trash.Gen Trojaner entdeckt.

Immer die genauen Schädlingsnamen und Pfadangaben notieren und posten!

Aus den Regeln:

5. Beschreibe Dein Problem in einigen Sätzen und arbeite diese Anleitung ab Punkt 2. durch
Auch Funde von deiner Sicherheitssoftware bitte im Thema nennen: (z.B. c:\windows\virus.exe)
Fehlen diese Angaben, kann und wird dir hier niemand helfen.

gradesbrett · 06.01.2011, 17:55

Entschuldigung! Da habe ich die Anweisungen wohl zu schnell überflogen...

Antivir hat diesen Fund gemeldet:

In der Datei 'C:\System Volume Information\_restore{8614DC35-AA22-4C02-8CFD-E33915D5428D}\RP36\A0010003.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Trash.Gen' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

Diese Meldung kam drei Mal, das letzte Mal mit der Änderung:

Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4f321bed.qua' verschoben!

cosinus · 06.01.2011, 19:52

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in den Thread.

gradesbrett · 06.01.2011, 20:00

Hier Log von Malwarebytes:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5470

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

06.01.2011 17:04:40
mbam-log-2011-01-06 (17-04-29).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 169127
Laufzeit: 39 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

cosinus · 06.01.2011, 20:08

Zitat:

Infizierte Dateien: 1

Warum steht da infizierte Datei:1 aber das taucht nicht im Log auf??
Poste das Log bitte vollständig!!

gradesbrett · 06.01.2011, 20:16

Wow, das ist viel.
Der erste Log namens OTL.txt sieht so aus:

OTL logfile created on: 06.01.2011 20:02:09 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Dokumente und Einstellungen\Sven\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

511,00 Mb Total Physical Memory | 213,00 Mb Available Physical Memory | 42,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 61,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 46,29 Gb Total Space | 21,50 Gb Free Space | 46,44% Space Free | Partition Type: NTFS
Drive D: | 36,88 Gb Total Space | 17,82 Gb Free Space | 48,32% Space Free | Partition Type: NTFS

Computer Name: GRADESBRETT | User Name: Sven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Dokumente und Einstellungen\Sven\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Outlook Express\msimn.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLService.exe (Cyberlink)
PRC - C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe (Cyberlink)
PRC - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe ()
PRC - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe ()
PRC - C:\Programme\Home Cinema\PowerCinema\PCMService.exe (CyberLink Corp.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\Launch Manager\WButton.exe ()
PRC - C:\Programme\Launch Manager\HotkeyApp.exe (Wistron)
PRC - C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\Programme\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\OProtSvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Programme\Intel\Wireless\Bin\1XConfig.exe (Intel)
PRC - C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Programme\Launch Manager\LaunchAp.exe ()
PRC - C:\Programme\Launch Manager\OSD.exe (Wistron)
PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)

========== Modules (SafeList) ==========

MOD - C:\Dokumente und Einstellungen\Sven\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.)

========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (nosGetPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (CyberLink Media Library Service) -- C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe (Cyberlink)
SRV - (CLSched) CyberLink Task Scheduler (CTS) -- C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe ()
SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe ()
SRV - (OwnershipProtocol) -- C:\Programme\Intel\Wireless\Bin\OProtSvc.exe (Intel Corporation)
SRV - (S24EventMonitor) -- C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (EvtEng) -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (RegSrvc) -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)

========== Driver Services (SafeList) ==========

DRV - (Wbutton) -- C:\WINDOWS\System32\drivers\Wbutton.sys File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (NSCIRDA) -- C:\WINDOWS\system32\drivers\nscirda.sys (National Semiconductor Corporation)
DRV - (BTSERIAL) -- C:\WINDOWS\system32\drivers\btserial.sys (Broadcom Corporation.)
DRV - (BTSLBCSP) -- C:\WINDOWS\system32\drivers\btslbcsp.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (w29n51) Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (IWCA) -- C:\WINDOWS\system32\drivers\iwca.sys (Intel Corporation)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (XUIF) -- C:\WINDOWS\system32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (Hotkey) -- C:\WINDOWS\System32\drivers\HOTKEY.sys ()

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CtrlVol] C:\Programme\Launch Manager\CtrlVol.exe (Wistron)
O4 - HKLM..\Run: [EOUApp] C:\Programme\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
O4 - HKLM..\Run: [HotkeyApp] C:\Programme\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [LaunchAp] C:\Programme\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [LMgrOSD] C:\Programme\Launch Manager\OSD.exe (Wistron)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PCMService] C:\Programme\Home Cinema\PowerCinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl] C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Wbutton] C:\Programme\Launch Manager\Wbutton.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\RunOnce: [Uninstall Adobe Download Manager] C:\Programme\NOS\bin\getPlusUninst_Adobe.exe (NOS Microsystems Ltd.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\Sven\Startmenü\Programme\Autostart\Check for TWS Updates.lnk = C:\Programme\Traderworkstation\WiseUpdt.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Senden an &Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_05)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\BTXPPanel.dll (Broadcom Corporation.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Programme\Intel\Wireless\Bin\LgNotify.dll - C:\Programme\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Sven\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Sven\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.12.22 15:22:48 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.01.06 20:01:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sven\Desktop\OTL.exe
[2011.01.06 18:42:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google
[2011.01.06 18:42:11 | 000,000,000 | ---D | C] -- C:\Programme\NOS
[2011.01.06 18:42:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NOS
[2011.01.06 12:24:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\Avira
[2011.01.06 12:20:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2011.01.06 12:20:04 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011.01.06 12:20:02 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011.01.06 12:20:02 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011.01.06 12:20:02 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011.01.06 12:20:02 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011.01.06 12:19:52 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2011.01.06 12:19:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2011.01.05 20:47:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\advfn
[2011.01.05 17:08:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Desktop\Programme
[2011.01.05 15:34:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\EASEUS Data Recovery Wizard Professional 4.3.6
[2011.01.05 15:34:08 | 000,000,000 | ---D | C] -- C:\Programme\Data Recovery Wizard Professional 4.3.6
[2011.01.05 15:32:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\WinRAR
[2011.01.05 15:32:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Startmenü\Programme\WinRAR
[2011.01.05 15:32:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\WinRAR
[2011.01.05 15:31:28 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2011.01.05 15:08:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\PriceGong
[2011.01.05 14:15:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Sony Picture Utility
[2011.01.04 08:40:54 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2011.01.04 08:40:54 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2011.01.04 08:40:08 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2011.01.04 08:39:48 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2011.01.04 08:37:32 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011.01.03 18:03:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Desktop\Spiele
[2011.01.03 18:02:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Startmenü\Programme\HyperCam 2
[2011.01.03 18:02:41 | 000,000,000 | ---D | C] -- C:\Programme\HyCam2
[2011.01.03 11:34:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011.01.03 11:20:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011.01.03 11:20:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2011.01.03 11:20:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011.01.03 11:13:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011.01.03 11:07:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011.01.03 11:07:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2010.12.31 03:48:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Winamp
[2010.12.31 03:48:19 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010.12.31 03:48:17 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2010.12.31 03:48:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010.12.31 03:48:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Startmenü\Programme\Winamp Erkennungs-Plug-in
[2010.12.31 03:47:59 | 000,000,000 | ---D | C] -- C:\Programme\Winamp Detect
[2010.12.31 03:47:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010.12.31 03:46:26 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2010.12.31 03:46:26 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2010.12.31 03:46:26 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2010.12.31 03:46:26 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2010.12.31 03:46:26 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2010.12.31 03:46:26 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2010.12.31 03:46:26 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2010.12.31 03:46:26 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2010.12.31 03:46:26 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2010.12.31 03:46:26 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2010.12.31 03:46:26 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2010.12.31 03:46:26 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2010.12.31 03:46:25 | 000,000,000 | ---D | C] -- C:\Programme\Winamp
[2010.12.31 03:46:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\Winamp
[2010.12.30 22:57:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\Armagetron
[2010.12.30 18:17:53 | 000,000,000 | ---D | C] -- C:\Programme\Activision
[2010.12.30 18:14:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Soldat
[2010.12.30 18:13:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\Soldat
[2010.12.30 18:12:29 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache
[2010.12.30 18:09:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Startmenü\Programme\BomberClone
[2010.12.30 18:06:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Armagetron Advanced
[2010.12.30 18:06:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Armagetron
[2010.12.30 18:01:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Startmenü\Programme\Counter-Strike 1.6
[2010.12.30 08:13:44 | 000,017,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010.12.30 08:13:43 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010.12.29 20:57:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\Media Player Classic
[2010.12.29 20:54:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Combined Community Codec Pack
[2010.12.29 20:53:55 | 000,000,000 | ---D | C] -- C:\Programme\Combined Community Codec Pack
[2010.12.29 19:54:39 | 000,000,000 | ---D | C] -- C:\Neuer Ordner
[2010.12.29 19:04:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\FLV Player
[2010.12.29 19:04:56 | 000,000,000 | ---D | C] -- C:\Programme\FLV Player
[2010.12.29 17:56:12 | 000,000,000 | ---D | C] -- C:\Programme\No23 Recorder
[2010.12.29 17:56:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\No23 Recorder
[2010.12.29 17:55:26 | 000,000,000 | ---D | C] -- C:\Programme\ScreenCap
[2010.12.29 17:50:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Tinypic
[2010.12.29 17:50:18 | 000,000,000 | ---D | C] -- C:\Programme\Tinypic
[2010.12.29 17:47:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\AdobeUM
[2010.12.29 17:47:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Lokale Einstellungen\Anwendungsdaten\Adobe
[2010.12.29 17:46:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Eigene Dateien\Eigene eBooks
[2010.12.29 17:46:47 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Adobe
[2010.12.29 17:03:46 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll
[2010.12.29 17:03:46 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2010.12.29 17:03:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll
[2010.12.29 17:03:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2010.12.29 17:03:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll
[2010.12.29 17:03:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll
[2010.12.29 17:03:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2010.12.29 17:03:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll
[2010.12.29 17:03:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2010.12.29 17:03:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll
[2010.12.29 17:03:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2010.12.29 16:49:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Google
[2010.12.29 16:47:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Startmenü\Programme\Interactive Brokers
[2010.12.29 16:46:59 | 000,000,000 | ---D | C] -- C:\Programme\Traderworkstation
[2010.12.29 16:45:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\Google
[2010.12.29 16:45:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Earth
[2010.12.29 16:44:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Lokale Einstellungen\Anwendungsdaten\Temp
[2010.12.29 16:44:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Google
[2010.12.29 16:23:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\.abn
[2010.12.29 16:23:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010.12.29 16:13:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Tracing
[2010.12.29 16:11:55 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft
[2010.12.29 16:11:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\microsoft
[2010.12.29 16:11:37 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live SkyDrive
[2010.12.29 16:11:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows Live
[2010.12.29 16:11:13 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2010.12.29 16:08:32 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Windows Live
[2010.12.29 16:03:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Eigene Dateien\Meine empfangenen Dateien
[2010.12.29 16:00:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\Macromedia
[2010.12.29 16:00:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\Adobe
[2010.12.29 15:58:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010.12.29 15:43:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2010.12.29 15:42:44 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2010.12.29 15:40:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2010.12.29 15:40:27 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.12.29 15:40:27 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.12.29 15:40:27 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.12.29 15:29:38 | 000,000,000 | ---D | C] -- C:\Programme\ClearProg
[2010.12.29 15:29:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Startmenü\Programme\ClearProg
[2010.12.29 15:26:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\Malwarebytes
[2010.12.29 15:26:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.29 15:26:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2010.12.29 15:26:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.12.29 15:26:25 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.29 15:26:25 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.12.29 15:07:47 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2010.12.29 15:07:47 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2010.12.29 15:07:47 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2010.12.29 15:07:47 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2010.12.29 15:07:47 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2010.12.29 15:07:47 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2010.12.29 15:07:44 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2010.12.29 15:07:44 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2010.12.29 15:07:44 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2010.12.29 15:07:44 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2010.12.29 15:07:43 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2010.12.29 15:07:43 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2010.12.29 15:07:42 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010.12.29 15:07:42 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2010.12.29 15:07:41 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2010.12.29 15:07:41 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2010.12.29 15:07:41 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2010.12.29 15:06:41 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2010.12.29 15:06:41 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2010.12.29 15:06:41 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2010.12.29 15:06:41 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2010.12.29 15:06:41 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2010.12.29 15:06:41 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2010.12.29 15:06:41 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2010.12.29 15:06:41 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2010.12.29 15:06:41 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2010.12.29 15:06:41 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2010.12.29 15:06:41 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2010.12.29 15:06:41 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2010.12.29 15:06:41 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2010.12.29 15:06:41 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2010.12.29 15:06:41 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2010.12.29 15:06:41 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2010.12.29 15:06:41 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2010.12.29 15:06:41 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2010.12.29 15:06:41 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2010.12.29 15:06:41 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2010.12.29 15:06:41 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2010.12.29 14:58:24 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Sven\IECompatCache
[2010.12.29 14:57:14 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Sven\PrivacIE
[2010.12.29 14:53:36 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Sven\IETldCache
[2010.12.29 14:51:52 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2010.12.29 14:51:52 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2010.12.29 14:51:43 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2010.12.29 14:51:35 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.12.29 14:51:32 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010.12.29 14:51:14 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010.12.29 14:50:01 | 000,357,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2010.12.29 14:49:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010.12.29 14:48:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010.12.29 14:47:39 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010.12.29 14:47:33 | 002,192,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010.12.29 14:47:28 | 000,737,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2010.12.29 14:47:25 | 002,148,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010.12.29 14:47:21 | 002,027,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010.12.29 14:46:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010.12.29 14:46:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE
[2010.12.29 14:41:32 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010.12.29 14:40:10 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010.12.29 14:40:10 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010.12.29 14:40:08 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.12.29 14:40:07 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010.12.29 14:40:06 | 011,080,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2010.12.29 14:38:42 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2010.12.29 14:32:40 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2010.12.29 14:32:23 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010.12.29 14:32:23 | 000,018,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010.12.29 14:32:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2010.12.29 14:32:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2010.12.29 13:45:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010.12.29 13:31:42 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Sven\UserData
[2010.12.29 13:30:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010.12.28 21:07:44 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Videos
[2010.12.22 21:53:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\Ahead
[2010.12.22 21:13:07 | 000,000,000 | ---D | C] -- C:\Filme
[2010.12.22 21:12:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\CyberLink
[2010.12.22 21:00:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Eigene Dateien\CyberLink
[2010.12.22 15:52:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Lokale Einstellungen\Anwendungsdaten\Identities
[2010.12.22 15:27:45 | 000,000,000 | ---D | C] -- C:\Programme\directx
[2010.12.22 15:24:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Eigene Dateien\Eigene muvees
[2010.12.22 15:22:48 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Sven\Eigene Dateien\Eigene Videos
[2010.12.22 15:22:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\muvee Technologies
[2010.12.22 15:21:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.12.22 15:21:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.12.22 15:21:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\Sun
[2010.12.22 15:21:06 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.12.22 15:21:06 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2010.12.22 15:20:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Lokale Einstellungen\Anwendungsdaten\{7148F0A6-6813-11D6-A77B-00B0D0142050}
[2010.12.22 15:19:57 | 002,625,536 | ---- | C] (Ahead Software AG) -- C:\WINDOWS\UNNeroVision.exe
[2010.12.22 15:19:57 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2010.12.22 15:19:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ahead
[2010.12.22 15:19:26 | 000,364,544 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\TwnLib4.dll
[2010.12.22 15:19:25 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll
[2010.12.22 15:18:44 | 002,433,024 | ---- | C] (Ahead Software AG) -- C:\WINDOWS\UNNMP.exe
[2010.12.22 15:17:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Nero
[2010.12.22 15:16:27 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2010.12.22 15:16:22 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2010.12.22 15:16:22 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2010.12.22 15:16:22 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2010.12.22 15:16:22 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2010.12.22 15:16:20 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2010.12.22 15:16:20 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Ahead
[2010.12.22 15:16:15 | 000,000,000 | ---D | C] -- C:\Programme\Ahead
[2010.12.22 15:13:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\X10 Commander
[2010.12.22 15:12:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Lokale Einstellungen\Anwendungsdaten\PowerCinema
[2010.12.22 15:12:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CyberLink
[2010.12.22 15:11:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Home Cinema
[2010.12.22 15:10:59 | 000,000,000 | ---D | C] -- C:\Programme\CyberLink
[2010.12.22 15:10:51 | 000,000,000 | ---D | C] -- C:\Programme\Home Cinema
[2010.12.22 15:08:56 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010.12.22 15:08:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DivX
[2010.12.22 15:08:55 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2010.12.22 15:08:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Lokale Einstellungen\Anwendungsdaten\Google
[2010.12.22 15:08:31 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.12.22 15:08:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PrintMe Internet Printing
[2010.12.22 15:08:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe
[2010.12.22 15:08:18 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.12.22 15:07:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache
[2010.12.22 15:03:33 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010.12.22 15:03:33 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2010.12.22 15:03:33 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010.12.22 15:03:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010.12.22 15:03:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2010.12.22 15:01:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Intel PROSet Wireless
[2010.12.22 15:01:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\Intel
[2010.12.22 15:00:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Intel
[2010.12.22 15:00:14 | 001,654,784 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\W29MLRES.DLL
[2010.12.22 14:57:56 | 000,309,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8dmod.dll
[2010.12.22 14:57:56 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2010.12.22 14:57:56 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4r.dll
[2010.12.22 14:57:56 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll
[2010.12.22 14:57:36 | 001,650,688 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplva6.dll
[2010.12.22 14:57:36 | 001,581,056 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvw7.dll
[2010.12.22 14:57:36 | 001,552,384 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvm6.dll
[2010.12.22 14:57:36 | 001,122,304 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvpx.dll
[2010.12.22 14:57:35 | 000,339,968 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLAV32.dll
[2010.12.22 14:57:35 | 000,180,224 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLRES32.dll
[2010.12.22 14:57:35 | 000,151,552 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDEV32.dll
[2010.12.22 14:57:35 | 000,126,976 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDRV32.dll
[2010.12.22 14:57:35 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCDA32.dll
[2010.12.22 14:57:35 | 000,106,496 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgspl.ax
[2010.12.22 14:57:35 | 000,094,208 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgvd.ax
[2010.12.22 14:57:35 | 000,081,920 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCPY32.dll
[2010.12.22 14:57:35 | 000,077,824 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaw7.dll
[2010.12.22 14:57:35 | 000,077,824 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaa6.dll
[2010.12.22 14:57:35 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPTL32.dll
[2010.12.22 14:57:35 | 000,065,536 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplapx.dll
[2010.12.22 14:57:35 | 000,065,536 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplam6.dll
[2010.12.22 14:57:35 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLCDF32.dll
[2010.12.22 14:57:35 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLTPO32.dll
[2010.12.22 14:57:35 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPRJ32.dll
[2010.12.22 14:57:35 | 000,049,152 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPRF32.dll
[2010.12.22 14:57:35 | 000,049,152 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIO32.dll
[2010.12.22 14:57:35 | 000,046,592 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgad.ax
[2010.12.22 14:57:35 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIMG32.dll
[2010.12.22 14:57:35 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLRD32.dll
[2010.12.22 14:57:35 | 000,036,864 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLPNT32.dll
[2010.12.22 14:57:35 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLMSC32.dll
[2010.12.22 14:57:35 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLISO32.dll
[2010.12.22 14:57:35 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLDIR32.dll
[2010.12.22 14:57:35 | 000,028,672 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\STRING32.dll
[2010.12.22 14:57:35 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\TTIC32.dll
[2010.12.22 14:57:35 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\TTI32.dll
[2010.12.22 14:57:35 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\WINDOWS\System32\DLLIX.dll
[2010.12.22 14:57:34 | 000,000,000 | ---D | C] -- C:\Programme\MEDION
[2010.12.22 14:57:33 | 001,089,536 | ---- | C] (eHelp Corporation.) -- C:\WINDOWS\System32\ROBOEX32.DLL
[2010.12.22 14:57:33 | 000,085,504 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\HtmlWH.dll
[2010.12.22 14:57:33 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\INETWH32.dll
[2010.12.22 14:55:26 | 000,294,912 | R--- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll
[2010.12.22 14:55:12 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2010.12.22 14:52:38 | 000,069,722 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPFcs.dll
[2010.12.22 14:52:37 | 000,185,824 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\drivers\SynTP.sys
[2010.12.22 14:52:37 | 000,114,688 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynCtrl.dll
[2010.12.22 14:52:37 | 000,090,202 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPAPI.dll
[2010.12.22 14:52:37 | 000,081,920 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPCo2.dll
[2010.12.22 14:52:37 | 000,077,917 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynCOM.dll
[2010.12.22 14:52:33 | 000,000,000 | ---D | C] -- C:\Programme\Synaptics
[2010.12.22 14:48:48 | 000,017,408 | ---- | C] (X10 Wireless Technology, Inc.) -- C:\WINDOWS\System32\drivers\x10ufx2.sys
[2010.12.22 14:48:47 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2010.12.22 14:48:47 | 000,000,000 | ---D | C] -- C:\Programme\X10 Hardware
[2010.12.22 14:48:47 | 000,000,000 | ---D | C] -- C:\Programme\Common Files
[2010.12.22 14:46:18 | 000,000,000 | ---D | C] -- C:\Programme\Launch Manager
[2010.12.22 14:46:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Launch Manager
[2010.12.22 14:45:54 | 000,000,000 | ---D | C] -- C:\Programme\Broadcom
[2010.12.22 14:45:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010.12.22 14:44:13 | 000,000,000 | ---D | C] -- C:\Programme\Intel
[2010.12.22 14:43:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010.12.22 14:40:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\tiinst
[2010.12.22 14:38:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Eigene Dateien\Bluetooth-Exchange-Ordner
[2010.12.22 14:38:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Bluetooth Software
[2010.12.22 14:36:14 | 000,000,000 | ---D | C] -- C:\Programme\WIDCOMM
[2010.12.22 14:33:40 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2010.12.22 14:33:40 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010.12.22 14:33:40 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010.12.22 14:33:40 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010.12.22 14:33:32 | 002,300,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\alcxwdm.sys
[2010.12.22 14:33:32 | 000,077,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
[2010.12.22 14:33:31 | 009,324,032 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTLCPL.exe
[2010.12.22 14:33:29 | 016,166,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\alsndmgr.cpl
[2010.12.22 14:33:29 | 000,208,896 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcupd.exe
[2010.12.22 14:33:29 | 000,139,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcrmv.exe
[2010.12.22 14:33:29 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2010.12.22 14:33:23 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\InstallShield
[2010.12.22 14:32:53 | 000,184,320 | ---- | C] (MAGIX AG) -- C:\WINDOWS\System32\mgxoschk.dll
[2010.12.22 14:31:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\Identities
[2010.12.22 14:31:04 | 000,000,000 | -H-D | C] -- C:\Programme\Uninstall Information
[2010.12.22 14:31:01 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Sven\Eigene Dateien\Eigene Musik
[2010.12.22 14:31:01 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Sven\Eigene Dateien
[2010.12.22 14:31:01 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Sven\Eigene Dateien\Eigene Bilder
[2010.12.22 14:30:59 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten\Microsoft
[2010.12.22 14:30:59 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Sven\Anwendungsdaten
[2010.12.22 14:30:59 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Sven\Favoriten
[2010.12.22 14:30:59 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Sven\Cookies
[2010.12.22 14:30:59 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Sven\Lokale Einstellungen
[2010.12.22 14:30:59 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Sven\Druckumgebung
[2010.12.22 14:30:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2010.12.22 14:30:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sven\Desktop
[2010.12.22 14:30:58 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Sven\SendTo
[2010.12.22 14:30:58 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Sven\Recent
[2010.12.22 14:30:58 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Sven\Startmenü\Programme\Zubehör
[2010.12.22 14:30:58 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Sven\Startmenü
[2010.12.22 14:30:58 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Sven\Startmenü\Programme\Autostart
[2010.12.22 14:30:58 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Sven\Vorlagen
[2010.12.22 14:30:58 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Sven\Netzwerkumgebung
[2010.12.22 14:29:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010.12.22 14:29:37 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010.12.22 14:29:35 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Microsoft
[2010.12.22 14:29:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2010.12.22 14:26:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2010.12.22 14:26:33 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Microsoft
[2010.12.22 14:25:27 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2010.12.22 14:25:26 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2010.12.22 14:25:26 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2010.12.22 14:25:26 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2010.12.22 14:25:25 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2010.12.22 14:25:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2010.12.22 14:25:24 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010.12.22 14:25:24 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010.12.22 14:25:22 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2010.12.22 14:25:22 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2010.12.22 14:25:22 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010.12.22 14:25:20 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2010.12.22 14:25:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2010.12.22 14:25:19 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010.12.22 14:25:18 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2010.12.22 14:25:18 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2010.12.22 14:25:17 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2010.12.22 14:25:17 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010.12.22 14:25:17 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2010.12.22 14:25:16 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010.12.22 14:25:16 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010.12.22 14:25:16 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010.12.22 14:25:14 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010.12.22 14:25:12 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010.12.22 14:25:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010.12.22 14:25:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010.12.22 14:25:09 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010.12.22 14:25:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010.12.22 14:25:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010.12.22 14:25:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010.12.22 14:25:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010.12.22 14:25:09 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010.12.22 14:25:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010.12.22 14:25:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010.12.22 14:25:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010.12.22 14:25:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010.12.22 14:25:08 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010.12.22 14:25:08 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010.12.22 14:25:08 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010.12.22 14:25:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010.12.22 14:25:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010.12.22 14:25:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010.12.22 14:25:08 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010.12.22 14:25:08 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010.12.22 14:25:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010.12.22 14:25:03 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010.12.22 14:25:02 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010.12.22 14:25:02 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010.12.22 14:25:01 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2010.12.22 14:25:00 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010.12.22 14:25:00 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010.12.22 14:24:58 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2010.12.22 14:24:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010.12.22 14:24:57 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010.12.22 14:24:56 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010.12.22 14:24:56 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2010.12.22 14:24:56 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010.12.22 14:24:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010.12.22 14:24:55 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2010.12.22 14:24:55 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2010.12.22 14:24:55 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2010.12.22 14:24:54 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2010.12.22 14:24:54 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010.12.22 14:24:54 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2010.12.22 14:24:54 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2010.12.22 14:24:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010.12.22 14:24:51 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010.12.22 14:24:47 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010.12.22 14:24:42 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010.12.22 14:24:42 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010.12.22 14:24:34 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010.12.22 14:24:34 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010.12.22 14:24:32 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010.12.22 14:24:29 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010.12.22 14:24:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010.12.22 14:24:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010.12.22 14:24:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010.12.22 14:24:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010.12.22 14:24:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010.12.22 14:24:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010.12.22 14:24:28 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010.12.22 14:24:28 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010.12.22 14:24:28 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010.12.22 14:24:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010.12.22 14:24:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010.12.22 14:24:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010.12.22 14:24:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010.12.22 14:24:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010.12.22 14:24:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010.12.22 14:24:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010.12.22 14:24:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010.12.22 14:24:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010.12.22 14:24:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010.12.22 14:24:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010.12.22 14:24:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010.12.22 14:24:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010.12.22 14:24:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010.12.22 14:24:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010.12.22 14:24:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010.12.22 14:24:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010.12.22 14:24:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010.12.22 14:24:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010.12.22 14:24:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010.12.22 14:24:26 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010.12.22 14:24:26 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010.12.22 14:24:25 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010.12.22 14:24:24 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2010.12.22 14:24:23 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010.12.22 14:24:23 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2010.12.22 14:24:23 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2010.12.22 14:24:23 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010.12.22 14:24:22 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2010.12.22 14:24:22 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2010.12.22 14:24:22 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010.12.22 14:24:21 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2010.12.22 14:24:21 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2010.12.22 14:24:21 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2010.12.22 14:24:21 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2010.12.22 14:24:21 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2010.12.22 14:24:21 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010.12.22 14:24:20 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2010.12.22 14:24:20 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2010.12.22 14:24:20 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010.12.22 14:24:20 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2010.12.22 14:24:20 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010.12.22 14:24:20 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2010.12.22 14:24:20 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2010.12.22 14:24:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010.12.22 14:24:15 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010.12.22 14:24:08 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010.12.22 14:24:06 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010.12.22 14:24:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010.12.22 14:24:04 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010.12.22 14:24:03 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010.12.22 14:24:03 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010.12.22 14:24:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010.12.22 14:24:01 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010.12.22 14:24:00 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010.12.22 14:24:00 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010.12.22 14:24:00 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010.12.22 14:23:59 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010.12.22 14:23:59 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010.12.22 14:23:58 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010.12.22 14:23:53 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010.12.22 14:23:52 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2010.12.22 14:23:52 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010.12.22 14:23:49 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010.12.22 14:23:49 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010.12.22 14:23:49 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010.12.22 14:23:49 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010.12.22 14:23:49 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010.12.22 14:23:48 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010.12.22 14:23:48 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010.12.22 14:23:47 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010.12.22 14:23:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010.12.22 14:23:47 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010.12.22 14:23:47 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010.12.22 14:23:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010.12.22 14:23:45 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010.12.22 14:23:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010.12.22 14:23:45 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010.12.22 14:23:36 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010.12.22 14:23:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010.12.22 14:23:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2010.12.22 14:23:25 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2010.12.22 14:23:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2010.12.22 14:23:14 | 000,000,000 | ---D | C] -- C:\Programme\xerox
[2010.12.22 14:23:14 | 000,000,000 | ---D | C] -- C:\Programme\microsoft frontpage
[2010.12.22 14:22:45 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2010.12.22 14:22:06 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\DRM
[2010.12.22 14:21:56 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010.12.22 14:21:56 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2010.12.22 14:21:46 | 000,000,000 | -H-D | C] -- C:\Programme\WindowsUpdate
[2010.12.22 14:21:41 | 000,000,000 | ---D | C] -- C:\Programme\Online-Dienste
[2010.12.22 14:21:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010.12.22 14:21:04 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2010.12.22 14:21:04 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2010.12.22 14:21:03 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2010.12.22 14:21:03 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2010.12.22 14:21:03 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2010.12.22 14:21:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010.12.22 14:20:54 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2010.12.22 14:20:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2010.12.22 14:20:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2010.12.22 14:20:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2010.12.22 14:20:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2010.12.22 14:20:52 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2010.12.22 14:20:52 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010.12.22 14:20:52 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2010.12.22 14:20:51 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Dienste
[2010.12.22 14:20:49 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2010.12.22 14:20:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010.12.22 14:20:49 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2010.12.22 14:20:49 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010.12.22 14:20:48 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2010.12.22 14:20:48 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2010.12.22 14:20:48 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2010.12.22 14:20:48 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2010.12.22 14:20:48 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2010.12.22 14:20:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010.12.22 14:20:48 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MSSoap
[2010.12.22 14:20:47 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2010.12.22 14:20:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010.12.22 14:20:43 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2010.12.22 14:20:42 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2010.12.22 14:20:42 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2010.12.22 14:20:42 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2010.12.22 14:20:41 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2010.12.22 14:20:41 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010.12.22 14:20:41 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2010.12.22 14:20:41 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2010.12.22 14:20:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2010.12.22 14:20:40 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010.12.22 14:20:40 | 000,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2010.12.22 14:20:40 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010.12.22 14:20:40 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010.12.22 14:20:39 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2010.12.22 14:20:39 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010.12.22 14:20:39 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2010.12.22 14:20:39 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010.12.22 14:20:39 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2010.12.22 14:20:39 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2010.12.22 14:20:39 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010.12.22 14:20:39 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010.12.22 14:20:39 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2010.12.22 14:20:39 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010.12.22 14:20:39 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2010.12.22 14:20:38 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010.12.22 14:20:38 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010.12.22 14:20:38 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010.12.22 14:20:34 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010.12.22 14:20:34 | 000,000,000 | ---D | C] -- C:\Programme\Movie Maker
[2010.12.22 14:20:30 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010.12.22 14:20:30 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010.12.22 14:20:30 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010.12.22 14:20:30 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010.12.22 14:20:26 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010.12.22 14:20:26 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2010.12.22 14:20:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010.12.22 14:20:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010.12.22 14:20:25 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010.12.22 14:20:25 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010.12.22 14:20:24 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010.12.22 14:20:24 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010.12.22 14:20:21 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010.12.22 14:20:21 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010.12.22 14:20:21 | 000,000,000 | ---D | C] -- C:\Programme\NetMeeting
[2010.12.22 14:20:20 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010.12.22 14:20:18 | 000,000,000 | ---D | C] -- C:\Programme\Outlook Express
[2010.12.22 14:20:17 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010.12.22 14:20:17 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010.12.22 14:20:17 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010.12.22 14:20:17 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010.12.22 14:20:16 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010.12.22 14:20:11 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010.12.22 14:20:11 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\System
[2010.12.22 14:20:09 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2010.12.22 14:20:08 | 000,638,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2010.12.22 14:20:05 | 000,000,000 | ---D | C] -- C:\Programme\Internet Explorer
[2010.12.22 14:20:04 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Bilder
[2010.12.22 14:19:52 | 000,000,000 | ---D | C] -- C:\Programme\ComPlus Applications
[2010.12.22 14:19:44 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Verwaltung
[2010.12.22 14:19:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010.12.22 14:19:15 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Spiele
[2010.12.22 14:19:15 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Musik
[2010.12.22 14:19:15 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Player
[2010.12.22 14:19:15 | 000,000,000 | ---D | C] -- C:\Programme\Online Services
[2010.12.22 14:19:09 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2010.12.22 14:19:09 | 000,000,000 | ---D | C] -- C:\Programme\Messenger
[2010.12.22 14:19:08 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2010.12.22 14:19:08 | 000,781,397 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2010.12.22 14:19:08 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2010.12.22 14:19:08 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2010.12.22 14:19:08 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2010.12.22 14:19:08 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2010.12.22 14:19:08 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2010.12.22 14:19:08 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2010.12.22 14:19:07 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2010.12.22 14:19:07 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2010.12.22 14:19:07 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2010.12.22 14:19:07 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2010.12.22 14:19:07 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2010.12.22 14:19:07 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2010.12.22 14:19:07 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2010.12.22 14:19:07 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2010.12.22 14:19:07 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2010.12.22 14:19:07 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2010.12.22 14:19:06 | 001,042,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2010.12.22 14:19:06 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2010.12.22 14:19:06 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2010.12.22 14:19:05 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2010.12.22 14:19:05 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2010.12.22 14:19:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010.12.22 14:19:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2010.12.22 14:19:05 | 000,000,000 | ---D | C] -- C:\Programme\MSN Gaming Zone
[2010.12.22 14:18:57 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010.12.22 14:18:57 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2010.12.22 14:18:57 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2010.12.22 14:18:57 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2010.12.22 14:18:56 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2010.12.22 14:18:56 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2010.12.22 14:18:56 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2010.12.22 14:18:56 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2010.12.22 14:18:56 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2010.12.22 14:18:56 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2010.12.22 14:18:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2010.12.22 14:18:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2010.12.22 14:18:49 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010.12.22 14:18:49 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2010.12.22 14:18:49 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2010.12.22 14:18:49 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2010.12.22 14:18:49 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2010.12.22 14:18:49 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010.12.22 14:18:48 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2010.12.22 14:18:48 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2010.12.22 14:18:48 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2010.12.22 14:18:48 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2010.12.22 14:18:48 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2010.12.22 14:18:48 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2010.12.22 14:18:47 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2010.12.22 14:18:47 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2010.12.22 14:18:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010.12.22 14:18:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2010.12.22 14:18:47 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010.12.22 14:18:47 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2010.12.22 14:18:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010.12.22 14:18:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2010.12.22 14:18:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010.12.22 14:18:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2010.12.22 14:18:47 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010.12.22 14:18:47 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2010.12.22 14:18:47 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010.12.22 14:18:47 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2010.12.22 14:18:47 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010.12.22 14:18:47 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2010.12.22 14:18:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010.12.22 14:18:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2010.12.22 14:18:47 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010.12.22 14:18:47 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2010.12.22 14:18:46 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010.12.22 14:18:46 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2010.12.22 14:18:46 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010.12.22 14:18:46 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2010.12.22 14:18:46 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010.12.22 14:18:46 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2010.12.22 14:18:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010.12.22 14:18:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2010.12.22 14:18:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2010.12.22 14:18:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010.12.22 14:18:45 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010.12.22 14:18:45 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010.12.22 14:18:45 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010.12.22 14:18:45 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010.12.22 14:18:45 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2010.12.22 14:18:45 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010.12.22 14:18:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010.12.22 14:18:44 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010.12.22 14:18:44 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010.12.22 14:18:44 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2010.12.22 14:18:41 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2010.12.22 14:18:41 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2010.12.22 14:18:41 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2010.12.22 14:18:41 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2010.12.22 14:18:41 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2010.12.22 14:18:41 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2010.12.22 14:18:41 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2010.12.22 14:18:41 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2010.12.22 14:18:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2010.12.22 14:18:40 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2010.12.22 14:18:40 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2010.12.22 14:18:40 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2010.12.22 14:18:40 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2010.12.22 14:18:40 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2010.12.22 14:18:40 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2010.12.22 14:18:29 | 000,000,000 | ---D | C] -- C:\Programme\MSN
[2010.12.22 14:18:28 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010.12.22 14:18:28 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010.12.22 14:18:27 | 000,356,352 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010.12.22 14:18:27 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010.12.22 14:18:27 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010.12.22 14:18:27 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010.12.22 14:18:26 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010.12.22 14:18:26 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010.12.22 14:18:26 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010.12.22 14:18:26 | 000,000,000 | ---D | C] -- C:\Programme\Windows NT
[2010.12.22 14:18:25 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2010.12.22 14:18:25 | 000,412,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2010.12.22 14:18:25 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010.12.22 14:18:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010.12.22 14:18:25 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010.12.22 14:18:24 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010.12.22 14:18:24 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010.12.22 14:18:24 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010.12.22 14:18:24 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2010.12.22 14:18:24 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2010.12.22 14:18:24 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010.12.22 14:18:24 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010.12.22 14:18:24 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010.12.22 14:18:23 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010.12.22 14:18:23 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010.12.22 14:18:23 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010.12.22 14:18:23 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010.12.22 14:18:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010.12.22 14:18:22 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010.12.22 14:18:22 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010.12.22 14:18:22 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010.12.22 14:18:21 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010.12.22 14:18:21 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010.12.22 14:18:21 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010.12.22 14:18:21 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010.12.22 14:18:21 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010.12.22 14:18:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010.12.22 14:18:20 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010.12.22 14:18:20 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010.12.22 14:18:14 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010.12.22 14:18:14 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010.12.22 14:18:13 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010.12.22 14:18:13 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010.12.22 14:17:45 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Zubehör
[2010.12.22 14:13:56 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe
[2010.12.22 14:13:55 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshirda.dll
[2010.12.22 14:13:53 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\nscirda.sys
[2010.12.22 14:13:44 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2010.12.22 14:13:27 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010.12.22 14:13:15 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2010.12.22 14:12:18 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010.12.22 14:12:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ODBC
[2010.12.22 14:12:15 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2010.12.22 14:12:15 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2010.12.22 14:12:14 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2010.12.22 14:12:13 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2010.12.22 14:12:13 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\SpeechEngines
[2010.12.22 14:12:13 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared
[2010.12.22 14:12:12 | 000,000,000 | R--D | C] -- C:\Programme
[2010.12.22 14:12:12 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien
[2010.12.22 14:12:09 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2010.12.22 14:12:09 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2010.12.22 14:12:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2010.12.22 14:12:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2010.12.22 14:12:09 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2010.12.22 14:12:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2010.12.22 14:12:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2010.12.22 14:12:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2010.12.22 14:12:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2010.12.22 14:12:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2010.12.22 14:12:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2010.12.22 14:12:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2010.12.22 14:12:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2010.12.22 14:12:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2010.12.22 14:12:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2010.12.22 14:12:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2010.12.22 14:12:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2010.12.22 14:12:07 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2010.12.22 14:12:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2010.12.22 14:12:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2010.12.22 14:12:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2010.12.22 14:12:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2010.12.22 14:12:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2010.12.22 14:12:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2010.12.22 14:12:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2010.12.22 14:12:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2010.12.22 14:12:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2010.12.22 14:12:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2010.12.22 14:12:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2010.12.22 14:12:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2010.12.22 14:12:05 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2010.12.22 14:12:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2010.12.22 14:12:05 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2010.12.22 14:12:05 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2010.12.22 14:12:05 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2010.12.22 14:12:05 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2010.12.22 14:12:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2010.12.22 14:12:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2010.12.22 14:12:05 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2010.12.22 14:12:05 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2010.12.22 14:12:05 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2010.12.22 14:12:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2010.12.22 14:12:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2010.12.22 14:12:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2010.12.22 14:12:03 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2010.12.22 14:12:03 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2010.12.22 14:12:03 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2010.12.22 14:12:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2010.12.22 14:12:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2010.12.22 14:12:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2010.12.22 14:12:03 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2010.12.22 14:12:03 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2010.12.22 14:12:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2010.12.22 14:12:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2010.12.22 14:12:01 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2010.12.22 14:12:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2010.12.22 14:12:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2010.12.22 14:12:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2010.12.22 14:12:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2010.12.22 14:12:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2010.12.22 14:12:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2010.12.22 14:12:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2010.12.22 14:12:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2010.12.22 14:12:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2010.12.22 14:12:01 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2010.12.22 14:12:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2010.12.22 14:12:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2010.12.22 14:12:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2010.12.22 14:12:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2010.12.22 14:12:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2010.12.22 14:12:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2010.12.22 14:12:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2010.12.22 14:12:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2010.12.22 14:12:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2010.12.22 14:12:01 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2010.12.22 14:12:01 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2010.12.22 14:12:01 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2010.12.22 14:12:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2010.12.22 14:12:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2010.12.22 14:12:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2010.12.22 14:11:59 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2010.12.22 14:11:59 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010.12.22 14:11:59 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010.12.22 14:11:59 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010.12.22 14:11:58 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010.12.22 14:11:58 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2010.12.22 14:11:58 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2010.12.22 14:11:58 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010.12.22 14:11:58 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010.12.22 14:11:58 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010.12.22 14:11:58 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010.12.22 14:11:58 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010.12.22 14:11:58 | 000,009,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010.12.22 14:11:58 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010.12.22 14:11:58 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010.12.22 14:11:57 | 000,127,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010.12.22 14:11:57 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010.12.22 14:11:57 | 000,073,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010.12.22 14:11:57 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010.12.22 14:11:57 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010.12.22 14:11:57 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010.12.22 14:11:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010.12.22 14:11:57 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010.12.22 14:11:57 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010.12.22 14:11:57 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010.12.22 14:11:57 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010.12.22 14:11:57 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010.12.22 14:11:56 | 000,109,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010.12.22 14:11:56 | 000,070,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010.12.22 14:11:56 | 000,033,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010.12.22 14:11:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010.12.22 14:11:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2010.12.22 14:11:56 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010.12.22 14:11:55 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2010.12.22 14:11:55 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2010.12.22 14:11:55 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010.12.22 14:11:53 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010.12.22 14:11:44 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü
[2010.12.22 14:11:44 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente
[2010.12.22 14:11:44 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
[2010.12.22 14:11:44 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Vorlagen
[2010.12.22 14:11:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Favoriten
[2010.12.22 14:11:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Desktop
[2010.12.22 14:11:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010.12.22 14:11:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010.12.22 14:11:25 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
[2010.12.22 14:11:25 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten
[2010.12.22 14:10:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen
[2010.12.22 14:10:53 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

cosinus · 06.01.2011, 20:19

Vergiss das unvollständige Log mit MBAM nicht!

gradesbrett · 06.01.2011, 20:19

========== Files - Modified Within 30 Days ==========

[2011.01.06 20:01:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sven\Desktop\OTL.exe
[2011.01.06 19:49:02 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.06 18:53:38 | 000,000,624 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\os604495.bin
[2011.01.06 18:37:58 | 000,001,080 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.06 18:37:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.06 11:30:53 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.01.06 11:28:43 | 000,012,800 | ---- | M] () -- C:\Dokumente und Einstellungen\Sven\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.05 15:33:37 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.04 10:02:55 | 000,133,280 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.01.04 09:38:19 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.01.03 11:36:27 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011.01.03 11:12:44 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2010.12.31 03:42:07 | 000,317,168 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.12.31 03:42:07 | 000,311,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.12.31 03:42:07 | 000,048,552 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.12.31 03:42:07 | 000,040,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.12.30 21:06:07 | 000,000,000 | R--- | M] () -- C:\logwmemory.bin
[2010.12.29 20:57:27 | 000,000,260 | ---- | M] () -- C:\Dokumente und Einstellungen\Sven\default.pls
[2010.12.29 16:47:05 | 000,001,669 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Trader Workstation 4.0.LNK
[2010.12.29 16:47:04 | 000,000,057 | ---- | M] () -- C:\WINDOWS\ib.ini
[2010.12.29 16:47:03 | 000,000,673 | ---- | M] () -- C:\Dokumente und Einstellungen\Sven\Startmenü\Programme\Autostart\Check for TWS Updates.lnk
[2010.12.29 16:45:37 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2010.12.29 15:59:15 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.12.29 15:40:17 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.12.29 15:40:17 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.12.29 15:40:17 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.12.29 15:40:17 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.12.29 15:40:16 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.12.22 21:47:13 | 000,001,080 | ---- | M] () -- C:\Dokumente und Einstellungen\Sven\Eigene Dateien\PDVD_MediaDisc.PlayList
[2010.12.22 15:30:35 | 000,000,085 | ---- | M] () -- C:\WINDOWS\magix.ini
[2010.12.22 15:24:30 | 000,000,000 | ---- | M] () -- C:\WINDOWS\muveeapp.INI
[2010.12.22 15:22:48 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010.12.22 15:08:58 | 000,004,704 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010.12.22 14:36:21 | 000,000,681 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk
[2010.12.22 14:31:38 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Sven\Desktop\Arbeitsplatz.lnk
[2010.12.22 14:26:37 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010.12.22 14:25:45 | 000,000,302 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010.12.22 14:23:03 | 000,002,951 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.12.22 14:23:03 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010.12.22 14:23:03 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010.12.22 14:23:03 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010.12.22 14:22:56 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.12.22 14:22:56 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.12.22 14:22:46 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010.12.22 14:20:03 | 000,021,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.13 08:39:39 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.12.13 08:39:38 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.01.06 18:53:38 | 000,000,624 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\os604495.bin
[2010.12.30 21:06:07 | 000,000,000 | R--- | C] () -- C:\logwmemory.bin
[2010.12.29 16:47:05 | 000,001,669 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Trader Workstation 4.0.LNK
[2010.12.29 16:47:04 | 000,000,057 | ---- | C] () -- C:\WINDOWS\ib.ini
[2010.12.29 16:47:03 | 000,000,673 | ---- | C] () -- C:\Dokumente und Einstellungen\Sven\Startmenü\Programme\Autostart\Check for TWS Updates.lnk
[2010.12.29 16:47:02 | 000,026,624 | ---- | C] () -- C:\WINDOWS\GetIe.dll
[2010.12.29 16:45:37 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2010.12.29 16:44:09 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.29 16:44:08 | 000,001,080 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.29 15:07:49 | 000,660,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2010.12.29 15:07:49 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2010.12.29 15:07:49 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2010.12.29 15:07:49 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2010.12.29 15:07:49 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2010.12.29 15:07:49 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2010.12.29 15:07:49 | 000,001,730 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2010.12.29 15:07:49 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2010.12.29 15:07:48 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2010.12.29 15:07:48 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2010.12.29 15:07:48 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2010.12.29 15:07:48 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2010.12.29 15:07:48 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2010.12.29 15:07:48 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2010.12.29 15:07:48 | 000,034,554 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2010.12.29 15:07:48 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2010.12.29 15:07:48 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2010.12.29 15:07:48 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2010.12.29 15:07:48 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2010.12.29 15:07:48 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2010.12.29 15:07:48 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2010.12.29 15:07:48 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2010.12.29 15:07:48 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2010.12.29 15:07:48 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2010.12.29 15:07:48 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2010.12.29 15:07:47 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2010.12.29 15:07:47 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2010.12.29 15:07:47 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2010.12.29 15:07:46 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2010.12.29 15:07:46 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2010.12.29 15:07:46 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2010.12.29 15:07:46 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2010.12.29 15:07:46 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2010.12.29 15:07:45 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2010.12.29 15:07:45 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2010.12.29 15:07:45 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2010.12.29 15:07:45 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2010.12.29 15:07:45 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2010.12.29 15:07:44 | 000,001,810 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2010.12.29 15:07:44 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2010.12.29 15:07:43 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2010.12.29 15:07:43 | 000,084,531 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2010.12.29 15:07:43 | 000,066,132 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2010.12.29 15:07:42 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2010.12.29 15:07:42 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2010.12.29 15:07:42 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2010.12.29 15:07:41 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2010.12.29 15:07:38 | 000,036,610 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2010.12.29 15:07:38 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2010.12.29 15:07:38 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2010.12.29 15:07:37 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2010.12.29 15:07:34 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2010.12.29 15:07:29 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2010.12.29 15:07:28 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2010.12.29 15:07:28 | 000,184,109 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2010.12.29 15:07:28 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2010.12.29 15:07:28 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2010.12.29 15:07:28 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2010.12.29 15:07:28 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2010.12.29 15:07:28 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2010.12.29 15:07:28 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2010.12.29 15:07:28 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2010.12.29 15:07:28 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2010.12.29 15:07:27 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2010.12.29 15:06:41 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2010.12.22 21:53:35 | 000,000,260 | ---- | C] () -- C:\Dokumente und Einstellungen\Sven\default.pls
[2010.12.22 21:53:10 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.12.22 21:13:46 | 000,012,800 | ---- | C] () -- C:\Dokumente und Einstellungen\Sven\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.22 21:12:20 | 000,001,080 | ---- | C] () -- C:\Dokumente und Einstellungen\Sven\Eigene Dateien\PDVD_MediaDisc.PlayList
[2010.12.22 15:24:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2010.12.22 15:19:58 | 000,211,676 | ---- | C] () -- C:\WINDOWS\UNNeroVision.cfg
[2010.12.22 15:18:45 | 000,049,650 | ---- | C] () -- C:\WINDOWS\UNNMP.cfg
[2010.12.22 15:11:03 | 000,033,820 | ---- | C] () -- C:\WINDOWS\System32\WMPrfDeu.prx
[2010.12.22 15:10:00 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2010.12.22 15:09:56 | 000,000,302 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010.12.22 15:08:58 | 000,004,704 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010.12.22 15:00:14 | 000,000,013 | R--- | C] () -- C:\WINDOWS\System32\drivers\verfile.tic
[2010.12.22 14:57:35 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2010.12.22 14:57:35 | 000,014,182 | ---- | C] () -- C:\WINDOWS\System32\DLLAV32.lib
[2010.12.22 14:55:25 | 000,073,845 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.12.22 14:55:25 | 000,009,054 | R--- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2010.12.22 14:48:48 | 000,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2010.12.22 14:46:18 | 000,009,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\HOTKEY.sys
[2010.12.22 14:36:21 | 000,000,681 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk
[2010.12.22 14:33:32 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010.12.22 14:33:32 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.12.22 14:33:31 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2010.12.22 14:33:29 | 000,001,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2010.12.22 14:32:53 | 000,001,208 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2010.12.22 14:32:53 | 000,000,085 | ---- | C] () -- C:\WINDOWS\magix.ini
[2010.12.22 14:31:38 | 000,000,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Sven\Desktop\Arbeitsplatz.lnk
[2010.12.22 14:26:37 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010.12.22 14:25:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.12.22 14:24:55 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010.12.22 14:24:29 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010.12.22 14:24:23 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010.12.22 14:24:20 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010.12.22 14:24:11 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010.12.22 14:24:05 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010.12.22 14:23:49 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010.12.22 14:23:03 | 000,002,951 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.12.22 14:23:03 | 000,000,050 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010.12.22 14:23:03 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010.12.22 14:23:03 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010.12.22 14:23:03 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010.12.22 14:22:56 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.12.22 14:22:56 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.12.22 14:22:55 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010.12.22 14:21:31 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010.12.22 14:21:01 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010.12.22 14:21:01 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010.12.22 14:20:54 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010.12.22 14:20:03 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.12.22 14:18:51 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Präriewind.bmp
[2010.12.22 14:18:51 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe-Stuck.bmp
[2010.12.22 14:18:51 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Fächer.bmp
[2010.12.22 14:18:51 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Granit.bmp
[2010.12.22 14:18:51 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010.12.22 14:18:51 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotek.bmp
[2010.12.22 14:18:50 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Seifenblase.bmp
[2010.12.22 14:18:50 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Angler.bmp
[2010.12.22 14:18:50 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kaffeetasse.bmp
[2010.12.22 14:18:50 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Feder.bmp
[2010.12.22 14:18:50 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blaue Spitzen 16.bmp
[2010.12.22 14:18:47 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010.12.22 14:18:47 | 000,001,237 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010.12.22 14:18:46 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010.12.22 14:18:40 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010.12.22 14:12:20 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010.12.22 14:12:17 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.12.22 14:12:14 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010.12.22 14:12:14 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010.12.22 14:12:14 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010.12.22 14:12:13 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010.12.22 14:11:56 | 000,001,806 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010.12.22 14:11:44 | 000,041,270 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010.12.22 14:11:44 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010.12.22 14:11:44 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010.12.22 14:11:44 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010.12.22 14:11:43 | 001,014,663 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2010.12.22 14:11:43 | 000,817,199 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010.12.22 14:11:43 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010.12.22 14:11:43 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010.12.22 14:10:53 | 000,133,280 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004.11.29 19:44:04 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2004.09.28 22:54:30 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004.08.12 08:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2004.08.04 13:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2004.08.04 13:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2004.08.04 13:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2004.08.04 13:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2004.08.04 13:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

< End of report >

gradesbrett · 06.01.2011, 20:20

Und hier noch die Extra.txt datei von OTL:

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 06.01.2011 20:02:09 - Run 1
OTL by OldTimer - Version 3.2.20.1     Folder = C:\Dokumente und Einstellungen\Sven\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
511,00 Mb Total Physical Memory | 213,00 Mb Available Physical Memory | 42,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 61,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 46,29 Gb Total Space | 21,50 Gb Free Space | 46,44% Space Free | Partition Type: NTFS
Drive D: | 36,88 Gb Total Space | 17,82 Gb Free Space | 48,32% Space Free | Partition Type: NTFS
 
Computer Name: GRADESBRETT | User Name: Sven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Home Cinema\PowerCinema\PowerCinema.exe" = C:\Programme\Home Cinema\PowerCinema\PowerCinema.exe:*:Enabled:PowerCinema -- (CyberLink Corp.)
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Ahead\Nero ShowTime\ShowTime.exe" = C:\Programme\Ahead\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime -- (Ahead software AG)
"E:\Counter Strike\hl.exe" = E:\Counter Strike\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"C:\Programme\Activision\Call of Duty 2\CoD2MP_s.exe" = C:\Programme\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- File not found
"D:\Spiele\Counterstrike\hl.exe" = D:\Spiele\Counterstrike\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"D:\Spiele\Soldat\Soldat.exe" = D:\Spiele\Soldat\Soldat.exe:*:Enabled:hxxp://soldat.pl -- (Michal Marcinkowski)
"C:\Dokumente und Einstellungen\Sven\Desktop\Quake III Arena\quake3.exe" = C:\Dokumente und Einstellungen\Sven\Desktop\Quake III Arena\quake3.exe:*:Enabled:quake3 -- File not found
"D:\Spiele\Armagetron Advanced\armagetronad.exe" = D:\Spiele\Armagetron Advanced\armagetronad.exe:*:Enabled:armagetronad -- ()
"C:\Programme\Winamp\winamp.exe" = C:\Programme\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1965C9BB-9114-4A50-AEC7-E62414BB117B}" = EASEUS Data Recovery Wizard Professional 4.3.6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = PowerCinema 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{425ECED4-23ED-4E05-A88A-B59700DAF2AD}" = TIxx21/x515
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6B103F43-069C-11D6-9EA2-0050BAE317E1}" = Home Cinema
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro Trial
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A00000000001}" = Adobe Reader 6.0.1 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B502B428-3386-40A9-98DB-079AAB72E64F}" = mEoU.msi
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.2.9
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.14
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"Armagetron Advanced" = Armagetron Advanced 0.2.8.2.1.gcc
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bomberclone" = Bomberclone
"ClearProg" = ClearProg 1.6.1 Beta 3
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2010-10-10
"Counter-Strike 1.6" = Counter-Strike 1.6
"FLV Player" = FLV Player 2.0 (build 25)
"HyperCam 2" = HyperCam 2
"ie8" = Windows Internet Explorer 8
"InstallShield_{425ECED4-23ED-4E05-A88A-B59700DAF2AD}" = Texas Instruments PCIxx21/x515 drivers.
"InstallShield_{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NeroVision!UninstallKey" = NeroVision Express 3
"ProInst" = Intel(R) PROSet/Wireless Software
"Soldat_is1" = Soldat 1.5.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Trader Workstation 4.0" = Trader Workstation 4.0
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"X10Hardware" = X10 Hardware(TM)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 28.12.2010 16:01:05 | Computer Name = GRADESBRETT | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung powerdvd.exe, Version 6.0.0.1203, fehlgeschlagenes
 Modul claud.ax, Version 6.0.0.1223, Fehleradresse 0x0003c0df.
 
Error - 28.12.2010 16:08:02 | Computer Name = GRADESBRETT | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung powercinema.exe, Version 4.0.0.0, fehlgeschlagenes
 Modul claud.ax, Version 6.0.0.1223, Fehleradresse 0x0003c0df.
 
Error - 29.12.2010 10:36:17 | Computer Name = GRADESBRETT | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
 von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
 ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
 zurückgegeben.  .
 
Error - 30.12.2010 04:06:00 | Computer Name = GRADESBRETT | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung ShowTime.exe, Version 2.0.0.18, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ System Events ]
Error - 30.12.2010 13:03:47 | Computer Name = GRADESBRETT | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.2.105 für die Netzwerkkarte mit der Netzwerkadresse
 000AE4A47590 wurde durch  den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat 
eine DHCPNACK-Meldung gesendet).
 
Error - 05.01.2011 10:34:57 | Computer Name = GRADESBRETT | Source = SideBySide | ID = 16842784
Description = Abhängige Assemblierung "Microsoft.VC80.MFCLOC" konnte nicht gefunden
 werden. "Last Error": Die referenzierte Assemblierung ist nicht auf dem Computer
 installiert.  
 
Error - 05.01.2011 10:34:57 | Computer Name = GRADESBRETT | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly ist für Microsoft.VC80.MFCLOC fehlgeschlagen.
Referenzfehlermeldung:
 Die referenzierte Assemblierung ist nicht auf dem Computer installiert.  .
 
Error - 05.01.2011 10:34:57 | Computer Name = GRADESBRETT | Source = SideBySide | ID = 16842811
Description = Generate Activation Context ist für C:\Programme\Data Recovery Wizard
 Professional 4.3.6\MFC80.DLL fehlgeschlagen.  Referenzfehlermeldung: Der Vorgang 
wurde erfolgreich beendet.  .
 
Error - 05.01.2011 10:34:57 | Computer Name = GRADESBRETT | Source = SideBySide | ID = 16842784
Description = Abhängige Assemblierung "Microsoft.VC80.MFCLOC" konnte nicht gefunden
 werden. "Last Error": Die referenzierte Assemblierung ist nicht auf dem Computer
 installiert.  
 
Error - 05.01.2011 10:34:57 | Computer Name = GRADESBRETT | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly ist für Microsoft.VC80.MFCLOC fehlgeschlagen.
Referenzfehlermeldung:
 Die referenzierte Assemblierung ist nicht auf dem Computer installiert.  .
 
Error - 05.01.2011 10:34:57 | Computer Name = GRADESBRETT | Source = SideBySide | ID = 16842811
Description = Generate Activation Context ist für C:\Programme\Data Recovery Wizard
 Professional 4.3.6\MFC80.DLL fehlgeschlagen.  Referenzfehlermeldung: Der Vorgang 
wurde erfolgreich beendet.  .
 
Error - 06.01.2011 07:00:47 | Computer Name = GRADESBRETT | Source = sr | ID = 1
Description = Beim Verarbeiten der Datei "" auf Volume "HarddiskVolume1" ist im 
Wiederherstellungsfilter der unerwartete Fehler "0xC0000001" aufgetreten. Die Volumeüberwachung
 wurde angehalten.
 
Error - 06.01.2011 07:01:08 | Computer Name = GRADESBRETT | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   IntelIde
 
Error - 06.01.2011 07:01:37 | Computer Name = GRADESBRETT | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
 für die  Netzwerkkarte mit der Netzwerkadresse 000E35D03B3E zugeteilt werden. Der
 folgende Fehler  ist aufgetreten:   %%1223.  Es wird weiterhin im Hintergrund versucht,
 eine Adresse vom  Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
 
 
< End of report >

--- --- ---

gradesbrett · 06.01.2011, 20:23

Oh Mist, die letzte Zeilen habe ich vergessen.
Hier nun hoffenltich alles von Malwarbytes:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5470

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

06.01.2011 17:04:40
mbam-log-2011-01-06 (17-04-29).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 169127
Laufzeit: 39 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\programme\WinRAR\keygen winrar 3.9 x86 x64 deutsch.exe (RiskWare.Agent.CK) -> No action taken.

cosinus · 06.01.2011, 21:57

Zitat:

c:\programme\WinRAR\keygen winrar 3.9 x86 x64 deutsch.exe

Die (Be)nutzung von Cracks, Serials und Keygens ist illegal, somit gibt es im Trojaner-Board keinen weiteren Support mehr.

Für Dich geht es hier weiter => Neuaufsetzen des Systems
Bitte auch alle Passwörter abändern (für E-Mail-Konten, StudiVZ, Ebay...einfach alles!) da nicht selten in dieser dubiosen Software auch Keylogger und Backdoorfunktionen stecken.

Danach nie wieder sowas anrühren!

06.01.2011, 20:19	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	TR/Trash.Gen[Trojan] Vergiss das unvollständige Log mit MBAM nicht! __________________ Logfiles bitte immer in CODE-Tags posten

TR/Trash.Gen[Trojan]

Log-Analyse und Auswertung: TR/Trash.Gen[Trojan]