| |
| |||||||
Log-Analyse und Auswertung: Trojaner TR/Spy.ZBot.asur in FXYCNO.dllWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
12.04.2011, 17:24
| #31 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Trojaner TR/Spy.ZBot.asur in FXYCNO.dll Jup einfach löschen. Wenn du willst noch auch die Q-Ordner wie C:\_OTL C:\QooBox Wobei CF noch einige andere Reste hinterlässt, die aber eigentlich nicht stören.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
13.04.2011, 12:46
| #32 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner TR/Spy.ZBot.asur in FXYCNO.dll Welche zwei Fragen meinst du jetzt genau?
__________________
__________________ |
|
13.04.2011, 12:55
| #33 | |
 | Trojaner TR/Spy.ZBot.asur in FXYCNO.dllZitat:
Gruß, larue |
|
13.04.2011, 13:06
| #34 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner TR/Spy.ZBot.asur in FXYCNO.dllZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.04.2011, 13:49
| #35 |
| | Trojaner TR/Spy.ZBot.asur in FXYCNO.dll Startet nicht. Das Symbol in der Taskleiste wird kurz hellblau und nach einigen Sekunden wieder inaktiv. Keine Sanduhr, nix. |
|
13.04.2011, 14:01
| #36 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner TR/Spy.ZBot.asur in FXYCNO.dll
__________________ --> Trojaner TR/Spy.ZBot.asur in FXYCNO.dll |
|
13.04.2011, 15:03
| #37 |
| | Trojaner TR/Spy.ZBot.asur in FXYCNO.dll Nein, der IE8 lief problemlos. Erst nachdem antivir die Datei FXYCNO.dll, die den Trojaner beinhaltet haben soll, in Quarantäne verschoben hatte, startete IE zunächst nach mehreren Anläufen, wobei die Darstellung nach und nach vervollständigt wurde, und schließlich gar nicht mehr. Hab versucht, IE9 aus den Systemprogrammen mit (No AddOns) zu starten - Fehlanzeige. |
|
13.04.2011, 15:18
| #38 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner TR/Spy.ZBot.asur in FXYCNO.dll Deinstaliler den IE9 nochmal, state Windows danach neu und beobachte.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.04.2011, 15:34
| #39 |
| | Trojaner TR/Spy.ZBot.asur in FXYCNO.dll Hab ich versucht über Systemsteuerung->Programme deinstallieren->Updates deinstallieren. Fehlermeldung: Konnte nicht deinstalliert werden... Gruß larue |
|
13.04.2011, 15:37
| #40 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner TR/Spy.ZBot.asur in FXYCNO.dll Hat dein Benutzerprofil ne macke? Erstell dir mal über die Systemsteuerung ein neues Benutzerkonto und log dich da mal ein, teste den IE9.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.04.2011, 15:57
| #41 |
| | Trojaner TR/Spy.ZBot.asur in FXYCNO.dll Nichts zu wollen! Auch ohne AddOns nicht. Hab noch so´n Buck entdeckt: In den Miniaturanwendungen kann ich zwar den Kalender aufrufen, er ist aber leer. Geändert von larue (13.04.2011 um 16:17 Uhr) |
|
13.04.2011, 20:21
| #42 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner TR/Spy.ZBot.asur in FXYCNO.dll Poste bitte nochmal frische OTL-Logs, vllt wurde irgendeine Kleinigkeit übersehen...
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.04.2011, 14:44
| #43 |
| | Trojaner TR/Spy.ZBot.asur in FXYCNO.dll Hallo Arne, bitteschön, kommt:OTL Logfile: Code:
ATTFilter OTL logfile created on: 14.04.2011 15:32:36 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Desktop An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 73,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 910,41 Gb Total Space | 837,93 Gb Free Space | 92,04% Space Free | Partition Type: NTFS Drive D: | 20,00 Gb Total Space | 11,67 Gb Free Space | 58,33% Space Free | Partition Type: NTFS Drive I: | 149,01 Gb Total Space | 98,20 Gb Free Space | 65,90% Space Free | Partition Type: FAT32 Computer Name: KP-BÜRO | User Name: Admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Windows\System32\cjpcsc.exe (REINER SCT) PRC - C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\FRITZ!\FriFax32.exe (AVM Berlin) PRC - C:\Programme\FRITZ!\FriFon32.exe (AVM Berlin) PRC - C:\Programme\FRITZ!\IWatch.exe (AVM Berlin) PRC - C:\Programme\StorageCraft\ShadowProtect\ShadowProtectSvc.exe (StorageCraft Technology Corporation) PRC - C:\Windows\System32\vsnapvss.exe (StorageCraft Technology Corporation) PRC - C:\Programme\IBM\Lotus\Notes\ntmulti.exe (IBM Corp) PRC - C:\Programme\Common Files\AVM\De_serv.exe (AVM Berlin) ========== Modules (SafeList) ========== MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (nosGetPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.) SRV - (StarMoney 7.0 OnlineUpdate) -- C:\Programme\StarMoney 7.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (cjpcsc) -- C:\Windows\System32\cjpcsc.exe (REINER SCT) SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (ShadowProtectSvc) -- C:\Program Files\StorageCraft\ShadowProtect\ShadowProtectSvc.exe (StorageCraft Technology Corporation) SRV - (VSNAPVSS) -- C:\Windows\System32\vsnapvss.exe (StorageCraft Technology Corporation) SRV - (Multi-user Cleanup Service) -- C:\Program Files\IBM\Lotus\Notes\ntmulti.exe (IBM Corp) SRV - (de_serv) -- C:\Programme\Common Files\AVM\De_serv.exe (AVM Berlin) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (vmbus) -- C:\Windows\system32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (RTL8192su) -- C:\Windows\System32\drivers\RTL8192su.sys (Realtek Semiconductor Corporation ) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (USBET) -- C:\Windows\System32\drivers\ETdrv.sys (Etron) DRV - (cjusb) -- C:\Windows\System32\drivers\cjusb.sys (REINER SCT) DRV - (AVMPORT) -- C:\Windows\System32\drivers\avmport.sys (AVM Berlin) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (Serial) -- C:\Windows\system32\DRIVERS\serial.sys (Brother Industries Ltd.) DRV - (FPCIBASE) -- C:\Windows\System32\drivers\fpcibase.sys (AVM Berlin) DRV - (AVMCOWAN) -- C:\Windows\System32\drivers\avmcowan.sys (AVM GmbH) DRV - (sbmount) -- C:\Windows\System32\drivers\sbmount.sys (StorageCraft Technology Corporation) DRV - (NETFRITZ) -- C:\Windows\System32\drivers\Netfritz.sys (AVM Berlin) DRV - (bizVSerial) -- C:\Windows\System32\drivers\bizVSerialNT.sys (franson.biz) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.24 09:50:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.30 18:40:26 | 000,000,000 | ---D | M] [2011.04.11 17:15:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.12.06 13:15:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.04.11 17:16:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.04.11 17:15:49 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.10.27 07:44:13 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.10.27 07:44:13 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.10.27 07:44:13 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.10.27 07:44:13 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.10.27 07:44:13 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.04.07 16:23:38 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab (DLM Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.13 18:28:27 | 000,000,000 | ---D | C] -- C:\Windows\pss [2011.04.13 16:52:09 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\FRITZ! [2011.04.13 16:52:06 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.04.13 16:52:06 | 000,000,000 | R--D | C] -- C:\Users\Admin\Searches [2011.04.13 16:52:06 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011.04.13 16:51:57 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Identities [2011.04.13 16:51:55 | 000,000,000 | R--D | C] -- C:\Users\Admin\Contacts [2011.04.13 16:51:52 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\VirtualStore [2011.04.12 15:15:20 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Google [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Vorlagen [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\Verlauf [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\Temporary Internet Files [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Startmenü [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\SendTo [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Recent [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Netzwerkumgebung [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Lokale Einstellungen [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Documents\Eigene Videos [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Documents\Eigene Musik [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Eigene Dateien [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Documents\Eigene Bilder [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Druckumgebung [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Cookies [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\AppData\Local\Anwendungsdaten [2011.04.12 15:13:45 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Anwendungsdaten [2011.04.12 15:13:44 | 000,000,000 | --SD | C] -- C:\Users\Admin\AppData\Roaming\Microsoft [2011.04.12 15:13:44 | 000,000,000 | R--D | C] -- C:\Users\Admin\Videos [2011.04.12 15:13:44 | 000,000,000 | R--D | C] -- C:\Users\Admin\Saved Games [2011.04.12 15:13:44 | 000,000,000 | R--D | C] -- C:\Users\Admin\Pictures [2011.04.12 15:13:44 | 000,000,000 | R--D | C] -- C:\Users\Admin\Music [2011.04.12 15:13:44 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011.04.12 15:13:44 | 000,000,000 | R--D | C] -- C:\Users\Admin\Links [2011.04.12 15:13:44 | 000,000,000 | R--D | C] -- C:\Users\Admin\Favorites [2011.04.12 15:13:44 | 000,000,000 | R--D | C] -- C:\Users\Admin\Downloads [2011.04.12 15:13:44 | 000,000,000 | R--D | C] -- C:\Users\Admin\Documents [2011.04.12 15:13:44 | 000,000,000 | R--D | C] -- C:\Users\Admin\Desktop [2011.04.12 15:13:44 | 000,000,000 | R--D | C] -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011.04.12 15:13:44 | 000,000,000 | -H-D | C] -- C:\Users\Admin\AppData [2011.04.12 15:13:44 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\temp [2011.04.12 15:13:44 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Microsoft [2011.04.12 15:13:44 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Media Center Programs [2011.04.11 17:17:45 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java [2011.04.11 17:15:58 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011.04.11 17:15:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011.04.11 17:15:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011.04.11 17:15:45 | 000,000,000 | ---D | C] -- C:\Programme\Java [2011.04.11 17:00:51 | 000,000,000 | ---D | C] -- C:\Programme\SumatraPDF [2011.04.11 16:57:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt [2011.04.11 12:54:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview [2011.04.11 12:53:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2011.04.11 10:46:25 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll [2011.04.11 10:46:20 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2011.04.11 10:46:20 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2011.04.11 10:46:20 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2011.04.11 10:46:18 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll [2011.04.11 10:46:18 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe [2011.04.11 10:46:17 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll [2011.04.11 10:46:17 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe [2011.04.11 10:46:16 | 003,966,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011.04.11 10:46:16 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2011.04.11 10:46:16 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll [2011.04.11 10:46:16 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll [2011.04.11 10:46:15 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll [2011.04.11 10:46:15 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll [2011.04.11 10:46:14 | 003,911,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011.04.11 10:46:14 | 001,698,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll [2011.04.11 10:46:14 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2011.04.11 10:46:14 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2011.04.11 10:46:13 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll [2011.04.11 10:46:13 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll [2011.04.11 10:46:12 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll [2011.04.11 10:46:11 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll [2011.04.11 10:46:10 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2011.04.11 10:46:10 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll [2011.04.11 10:46:10 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2011.04.11 10:46:09 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys [2011.04.11 10:46:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PushPrinterConnections.exe [2011.04.11 10:46:08 | 001,038,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll [2011.04.11 10:46:08 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe [2011.04.11 10:46:08 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll [2011.04.11 10:46:08 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll [2011.04.11 10:46:08 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe [2011.04.11 10:46:07 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll [2011.04.11 10:46:07 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll [2011.04.11 10:46:07 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2011.04.11 10:46:07 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll [2011.04.11 10:46:06 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe [2011.04.11 10:46:06 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2011.04.11 10:46:06 | 000,768,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll [2011.04.11 10:46:06 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll [2011.04.11 10:46:06 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll [2011.04.11 10:46:06 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3api.dll [2011.04.11 10:46:05 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll [2011.04.11 10:46:05 | 000,563,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll [2011.04.11 10:46:05 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2011.04.11 10:46:05 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll [2011.04.11 10:46:04 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2011.04.11 10:46:04 | 001,363,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll [2011.04.11 10:46:04 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll [2011.04.11 10:46:04 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll [2011.04.11 10:46:04 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll [2011.04.11 10:46:04 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll [2011.04.11 10:46:03 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll [2011.04.11 10:46:03 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2011.04.11 10:46:01 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll [2011.04.11 10:46:01 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll [2011.04.11 10:46:01 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll [2011.04.11 10:46:01 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll [2011.04.11 10:46:01 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll [2011.04.11 10:46:01 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe [2011.04.11 10:46:00 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll [2011.04.11 10:46:00 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll [2011.04.11 10:46:00 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe [2011.04.11 10:46:00 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll [2011.04.11 10:46:00 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe [2011.04.11 10:46:00 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2011.04.11 10:45:59 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll [2011.04.11 10:45:59 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll [2011.04.11 10:45:59 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll [2011.04.11 10:45:58 | 002,414,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2011.04.11 10:45:58 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll [2011.04.11 10:45:58 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll [2011.04.11 10:45:58 | 000,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll [2011.04.11 10:45:58 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe [2011.04.11 10:45:58 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appmgr.dll [2011.04.11 10:45:58 | 000,240,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys [2011.04.11 10:45:58 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpclip.exe [2011.04.11 10:45:58 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll [2011.04.11 10:45:58 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp.dll [2011.04.11 10:45:57 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2011.04.11 10:45:57 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll [2011.04.11 10:45:57 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys [2011.04.11 10:45:57 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll [2011.04.11 10:45:56 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll [2011.04.11 10:45:56 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll [2011.04.11 10:45:56 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe [2011.04.11 10:45:56 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2011.04.11 10:45:56 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll [2011.04.11 10:45:56 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll [2011.04.11 10:45:56 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2011.04.11 10:45:55 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll [2011.04.11 10:45:55 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll [2011.04.11 10:45:55 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe [2011.04.11 10:45:55 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll [2011.04.11 10:45:55 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll [2011.04.11 10:45:55 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll [2011.04.11 10:45:55 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll [2011.04.11 10:45:53 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll [2011.04.11 10:45:53 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll [2011.04.11 10:45:52 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL [2011.04.11 10:45:52 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011.04.11 10:45:52 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll [2011.04.11 10:45:52 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll [2011.04.11 10:45:52 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll [2011.04.11 10:45:52 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll [2011.04.11 10:45:52 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll [2011.04.11 10:45:52 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll [2011.04.11 10:45:52 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll [2011.04.11 10:45:52 | 000,175,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmbus.sys [2011.04.11 10:45:52 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe [2011.04.11 10:45:52 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll [2011.04.11 10:45:52 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll [2011.04.11 10:45:52 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe [2011.04.11 10:45:52 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll [2011.04.11 10:45:51 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll [2011.04.11 10:45:51 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll [2011.04.11 10:45:51 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll [2011.04.11 10:45:51 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrptadm.dll [2011.04.11 10:45:51 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll [2011.04.11 10:45:51 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL [2011.04.11 10:45:51 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscfgwmi.dll [2011.04.11 10:45:51 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll [2011.04.11 10:45:51 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2011.04.11 10:45:51 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2011.04.11 10:45:51 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll [2011.04.11 10:45:50 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll [2011.04.11 10:45:50 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL [2011.04.11 10:45:50 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll [2011.04.11 10:45:50 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WFS.exe [2011.04.11 10:45:50 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll [2011.04.11 10:45:50 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2011.04.11 10:45:50 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2011.04.11 10:45:50 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicsvc.exe [2011.04.11 10:45:50 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll [2011.04.11 10:45:50 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll [2011.04.11 10:45:50 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll [2011.04.11 10:45:50 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe [2011.04.11 10:45:50 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll [2011.04.11 10:45:49 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2011.04.11 10:45:49 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll [2011.04.11 10:45:49 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll [2011.04.11 10:45:49 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll [2011.04.11 10:45:49 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [2011.04.11 10:45:48 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll [2011.04.11 10:45:48 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll [2011.04.11 10:45:48 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe [2011.04.11 10:45:48 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll [2011.04.11 10:45:48 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe [2011.04.11 10:45:48 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll [2011.04.11 10:45:48 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll [2011.04.11 10:45:48 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll [2011.04.11 10:45:48 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll [2011.04.11 10:45:44 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll [2011.04.11 10:45:42 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe [2011.04.11 10:45:42 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe [2011.04.11 10:45:42 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll [2011.04.11 10:45:42 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll [2011.04.11 10:45:42 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll [2011.04.11 10:45:42 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll [2011.04.11 10:45:42 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL [2011.04.11 10:45:42 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe [2011.04.11 10:45:42 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll [2011.04.11 10:45:42 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll [2011.04.11 10:45:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe [2011.04.11 10:45:41 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll [2011.04.11 10:45:41 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll [2011.04.11 10:45:41 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll [2011.04.11 10:45:41 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe [2011.04.11 10:45:40 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll [2011.04.11 10:45:40 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl [2011.04.11 10:45:40 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll [2011.04.11 10:45:40 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll [2011.04.11 10:45:40 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll [2011.04.11 10:45:40 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll [2011.04.11 10:45:40 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe [2011.04.11 10:45:40 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL [2011.04.11 10:45:40 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll [2011.04.11 10:45:40 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll [2011.04.11 10:45:39 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll [2011.04.11 10:45:39 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll [2011.04.11 10:45:39 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll [2011.04.11 10:45:39 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2011.04.11 10:45:38 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll [2011.04.11 10:45:38 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll [2011.04.11 10:45:38 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe [2011.04.11 10:45:38 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll [2011.04.11 10:45:38 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll [2011.04.11 10:45:38 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll [2011.04.11 10:45:38 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll [2011.04.11 10:45:38 | 000,187,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [2011.04.11 10:45:38 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys [2011.04.11 10:45:38 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe [2011.04.11 10:45:38 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll [2011.04.11 10:45:37 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll [2011.04.11 10:45:37 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll [2011.04.11 10:45:37 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll [2011.04.11 10:45:37 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll [2011.04.11 10:45:37 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll [2011.04.11 10:45:37 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll [2011.04.11 10:45:37 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll [2011.04.11 10:45:37 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe [2011.04.11 10:45:37 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll [2011.04.11 10:45:37 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys [2011.04.11 10:45:37 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2011.04.11 10:45:37 | 000,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winhv.sys [2011.04.11 10:45:36 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsCpl.dll [2011.04.11 10:45:36 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll [2011.04.11 10:45:36 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll [2011.04.11 10:45:36 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll [2011.04.11 10:45:36 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll [2011.04.11 10:45:36 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll [2011.04.11 10:45:36 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll [2011.04.11 10:45:36 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe [2011.04.11 10:45:36 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL [2011.04.11 10:45:36 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll [2011.04.11 10:45:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll [2011.04.11 10:45:36 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll [2011.04.11 10:45:36 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll [2011.04.11 10:45:36 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll [2011.04.11 10:45:36 | 000,040,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmstorfl.sys [2011.04.11 10:45:36 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storvsc.sys [2011.04.11 10:45:35 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll [2011.04.11 10:45:35 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr [2011.04.11 10:45:35 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll [2011.04.11 10:45:35 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll [2011.04.11 10:45:35 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2011.04.11 10:45:35 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll [2011.04.11 10:45:34 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll [2011.04.11 10:45:34 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll [2011.04.11 10:45:34 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll [2011.04.11 10:45:34 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll [2011.04.11 10:45:34 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll [2011.04.11 10:45:34 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll [2011.04.11 10:45:33 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll [2011.04.11 10:45:33 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe [2011.04.11 10:45:33 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll [2011.04.11 10:45:33 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll [2011.04.11 10:45:33 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll [2011.04.11 10:45:33 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll [2011.04.11 10:45:33 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll [2011.04.11 10:45:33 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll [2011.04.11 10:45:33 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll [2011.04.11 10:45:33 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll [2011.04.11 10:45:33 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe [2011.04.11 10:45:33 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll [2011.04.11 10:45:33 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe [2011.04.11 10:45:33 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll [2011.04.11 10:45:33 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe [2011.04.11 10:45:31 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll [2011.04.11 10:45:31 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys [2011.04.11 10:45:31 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll [2011.04.11 10:45:30 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll [2011.04.11 10:45:30 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl [2011.04.11 10:45:30 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbda.dll [2011.04.11 10:45:30 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll [2011.04.11 10:45:30 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL [2011.04.11 10:45:30 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll [2011.04.11 10:45:30 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll [2011.04.11 10:45:29 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll [2011.04.11 10:45:29 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll [2011.04.11 10:45:29 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll [2011.04.11 10:45:29 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx [2011.04.11 10:45:29 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe [2011.04.11 10:45:29 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe [2011.04.11 10:45:29 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll [2011.04.11 10:45:29 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll [2011.04.11 10:45:29 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll [2011.04.11 10:45:29 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll [2011.04.11 10:45:29 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll [2011.04.11 10:45:29 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll [2011.04.11 10:45:29 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll [2011.04.11 10:45:29 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll [2011.04.11 10:45:29 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll [2011.04.11 10:45:29 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll [2011.04.11 10:45:29 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys [2011.04.11 10:45:29 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe [2011.04.11 10:45:28 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl [2011.04.11 10:45:28 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll [2011.04.11 10:45:28 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll [2011.04.11 10:45:28 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl [2011.04.11 10:45:28 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll [2011.04.11 10:45:28 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll [2011.04.11 10:45:28 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe [2011.04.11 10:45:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll [2011.04.11 10:45:27 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll [2011.04.11 10:45:27 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll [2011.04.11 10:45:27 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll [2011.04.11 10:45:27 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2011.04.11 10:45:27 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll [2011.04.11 10:45:27 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl [2011.04.11 10:45:27 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll [2011.04.11 10:45:27 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll [2011.04.11 10:45:27 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll [2011.04.11 10:45:27 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll [2011.04.11 10:45:27 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll [2011.04.11 10:45:27 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll [2011.04.11 10:45:27 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe [2011.04.11 10:45:27 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe [2011.04.11 10:45:27 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe [2011.04.11 10:45:27 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe [2011.04.11 10:45:27 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.dll [2011.04.11 10:45:27 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax [2011.04.11 10:45:27 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll [2011.04.11 10:45:27 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll [2011.04.11 10:45:27 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe [2011.04.11 10:45:27 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll [2011.04.11 10:45:27 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll [2011.04.11 10:45:27 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll [2011.04.11 10:45:27 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL [2011.04.11 10:45:27 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll [2011.04.11 10:45:27 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll [2011.04.11 10:45:27 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll [2011.04.11 10:45:27 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax [2011.04.11 10:45:27 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll [2011.04.11 10:45:27 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2011.04.11 10:45:26 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll [2011.04.11 10:45:26 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll [2011.04.11 10:45:26 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe [2011.04.11 10:45:26 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll [2011.04.11 10:45:26 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AdmTmpl.dll [2011.04.11 10:45:26 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll [2011.04.11 10:45:26 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll [2011.04.11 10:45:26 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll [2011.04.11 10:45:26 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll [2011.04.11 10:45:26 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp [2011.04.11 10:45:26 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe [2011.04.11 10:45:26 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll [2011.04.11 10:45:26 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll [2011.04.11 10:45:26 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll [2011.04.11 10:45:26 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe [2011.04.11 10:45:26 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll [2011.04.11 10:45:26 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll [2011.04.11 10:45:26 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2011.04.11 10:45:26 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe [2011.04.11 10:45:26 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll [2011.04.11 10:45:26 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe [2011.04.11 10:45:26 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2011.04.11 10:45:26 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll [2011.04.11 10:45:26 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe [2011.04.11 10:45:26 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll [2011.04.11 10:45:26 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll [2011.04.11 10:45:25 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll [2011.04.11 10:45:25 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll [2011.04.11 10:45:25 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe [2011.04.11 10:45:25 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr [2011.04.11 10:45:25 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe [2011.04.11 10:45:25 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll [2011.04.11 10:45:25 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clusapi.dll [2011.04.11 10:45:25 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll [2011.04.11 10:45:25 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll [2011.04.11 10:45:25 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll [2011.04.11 10:45:25 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011.04.11 10:45:25 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll [2011.04.11 10:45:25 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe [2011.04.11 10:45:25 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe [2011.04.11 10:45:25 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll [2011.04.11 10:45:25 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll [2011.04.11 10:45:25 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe [2011.04.11 10:45:25 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll [2011.04.11 10:45:25 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll [2011.04.11 10:45:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll [2011.04.11 10:45:24 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll [2011.04.11 10:45:24 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll [2011.04.11 10:45:24 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe [2011.04.11 10:45:24 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll [2011.04.11 10:45:24 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe [2011.04.11 10:45:24 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iTVData.dll [2011.04.11 10:45:24 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll [2011.04.11 10:45:24 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll [2011.04.11 10:45:24 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll [2011.04.11 10:45:24 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll [2011.04.11 10:45:24 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll [2011.04.11 10:45:24 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll [2011.04.11 10:45:24 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe [2011.04.11 10:45:24 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL [2011.04.11 10:45:24 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll [2011.04.11 10:45:24 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe [2011.04.11 10:45:24 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe [2011.04.11 10:45:24 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL [2011.04.11 10:45:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll [2011.04.11 10:45:24 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll [2011.04.11 10:45:23 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll [2011.04.11 10:45:23 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr [2011.04.11 10:45:23 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll [2011.04.11 10:45:23 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2011.04.11 10:45:23 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll [2011.04.11 10:45:23 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll [2011.04.11 10:45:23 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll [2011.04.11 10:45:23 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll [2011.04.11 10:45:23 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll [2011.04.11 10:45:23 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr [2011.04.11 10:45:23 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr [2011.04.11 10:45:23 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe [2011.04.11 10:45:23 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll [2011.04.11 10:45:23 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll [2011.04.11 10:45:23 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll [2011.04.11 10:45:23 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll [2011.04.11 10:45:23 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll [2011.04.11 10:45:23 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl [2011.04.11 10:45:23 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe [2011.04.11 10:45:23 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys [2011.04.11 10:45:23 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CscMig.dll [2011.04.11 10:45:23 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll [2011.04.11 10:45:23 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL [2011.04.11 10:45:23 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2011.04.11 10:45:23 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax [2011.04.11 10:45:23 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe [2011.04.11 10:45:23 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll [2011.04.11 10:45:23 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe [2011.04.11 10:45:23 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe [2011.04.11 10:45:23 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe [2011.04.11 10:45:23 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll [2011.04.11 10:45:23 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe [2011.04.11 10:45:23 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll [2011.04.11 10:45:23 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll [2011.04.11 10:45:23 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll [2011.04.11 10:45:23 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll [2011.04.11 10:45:23 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll [2011.04.11 10:45:23 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll [2011.04.11 10:45:22 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL [2011.04.11 10:45:22 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL [2011.04.11 10:45:22 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll [2011.04.11 10:45:22 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2011.04.11 10:45:22 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll [2011.04.11 10:45:22 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll [2011.04.11 10:45:22 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll [2011.04.11 10:45:22 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll [2011.04.11 10:45:22 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll [2011.04.11 10:45:22 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax [2011.04.11 10:45:22 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll [2011.04.11 10:45:22 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll [2011.04.11 10:45:22 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll [2011.04.11 10:45:22 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax [2011.04.11 10:45:22 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll [2011.04.11 10:45:22 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll [2011.04.11 10:45:22 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll [2011.04.11 10:45:22 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe [2011.04.11 10:45:22 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll [2011.04.11 10:45:22 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll [2011.04.11 10:45:22 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax [2011.04.11 10:45:22 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax [2011.04.11 10:45:22 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL [2011.04.11 10:45:22 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll [2011.04.11 10:45:22 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe [2011.04.11 10:45:22 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll [2011.04.11 10:45:22 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe [2011.04.11 10:45:21 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll [2011.04.11 10:45:20 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL [2011.04.11 10:45:20 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe [2011.04.11 10:45:20 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll [2011.04.11 10:45:20 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe [2011.04.11 10:45:20 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll [2011.04.11 10:45:20 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll [2011.04.11 10:45:20 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll [2011.04.11 10:45:20 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll [2011.04.11 10:45:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll [2011.04.11 10:45:20 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll [2011.04.11 10:45:20 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qprocess.exe [2011.04.11 10:45:20 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msg.exe [2011.04.11 10:45:19 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME [2011.04.11 10:45:19 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll [2011.04.11 10:45:19 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll [2011.04.11 10:45:19 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll [2011.04.11 10:45:19 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe [2011.04.11 10:45:19 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll [2011.04.11 10:45:19 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe [2011.04.11 10:45:19 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl [2011.04.11 10:45:19 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll [2011.04.11 10:45:19 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll [2011.04.11 10:45:19 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll [2011.04.11 10:45:19 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\resutils.dll [2011.04.11 10:45:19 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll [2011.04.11 10:45:19 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll [2011.04.11 10:45:19 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll [2011.04.11 10:45:19 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll [2011.04.11 10:45:19 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe [2011.04.11 10:45:19 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll [2011.04.11 10:45:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax [2011.04.11 10:45:19 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll [2011.04.11 10:45:19 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll [2011.04.11 10:45:19 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe [2011.04.11 10:45:19 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2011.04.11 10:45:19 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll [2011.04.11 10:45:19 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe [2011.04.11 10:45:19 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qwinsta.exe [2011.04.11 10:45:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe [2011.04.11 10:45:19 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe [2011.04.11 10:45:19 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quser.exe [2011.04.11 10:45:19 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgport.exe [2011.04.11 10:45:19 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsdiscon.exe [2011.04.11 10:45:19 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chglogon.exe [2011.04.11 10:45:19 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscon.exe [2011.04.11 10:45:19 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qappsrv.exe [2011.04.11 10:45:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgusr.exe [2011.04.11 10:45:19 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll [2011.04.11 10:45:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll [2011.04.11 10:45:18 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe [2011.04.11 10:45:18 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe [2011.04.11 10:45:18 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll [2011.04.11 10:45:18 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll [2011.04.11 10:45:18 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2011.04.11 10:45:18 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll [2011.04.11 10:45:18 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll [2011.04.11 10:45:18 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe [2011.04.11 10:45:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe [2011.04.11 10:45:18 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax [2011.04.11 10:45:18 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe [2011.04.11 10:45:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicres.dll [2011.04.11 10:45:18 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll [2011.04.11 10:45:18 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll [2011.04.11 10:45:18 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmstorfltres.dll [2011.04.11 10:45:18 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll [2011.04.11 10:45:18 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe [2011.04.11 10:45:18 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax [2011.04.11 10:45:18 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll [2011.04.11 10:45:18 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll [2011.04.11 10:45:18 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe [2011.04.11 10:45:18 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll [2011.04.11 10:45:18 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011.04.11 10:45:18 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys [2011.04.11 10:45:18 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe [2011.04.11 10:45:18 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tskill.exe [2011.04.11 10:45:18 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll [2011.04.11 10:45:18 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe [2011.04.11 10:45:18 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys [2011.04.11 10:45:18 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll [2011.04.11 10:45:18 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoff.exe [2011.04.11 10:45:18 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shadow.exe [2011.04.11 10:45:18 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rwinsta.exe [2011.04.11 10:45:18 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll [2011.04.11 10:45:18 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\query.exe [2011.04.11 10:45:18 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll [2011.04.11 10:45:17 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll [2011.04.11 10:45:17 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax [2011.04.11 10:45:17 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbusres.dll [2011.04.11 10:45:17 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll [2011.04.11 10:45:17 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll [2011.04.11 10:45:17 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll [2011.04.11 10:45:17 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll [2011.04.11 10:45:17 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2011.04.11 10:45:17 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reset.exe [2011.04.11 10:45:17 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\change.exe [2011.04.11 10:45:16 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll [2011.04.11 10:45:15 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll [2011.04.11 10:45:15 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll [2011.04.11 10:45:15 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll [2011.04.11 10:45:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icaapi.dll [2011.04.11 10:45:14 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll [2011.04.11 10:45:14 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll [2011.04.11 10:45:14 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll [2011.04.11 10:45:12 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll [2011.04.11 10:45:12 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll [2011.04.11 10:45:11 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime [2011.04.11 10:45:11 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2011.04.11 10:45:11 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll [2011.04.11 10:45:11 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shgina.dll [2011.04.11 10:45:11 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\VMBusHID.sys [2011.04.11 10:45:11 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll [2011.04.11 10:45:11 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll [2011.04.11 10:45:11 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll [2011.04.11 10:45:10 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys [2011.04.11 10:45:10 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys [2011.04.11 10:45:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbuspipe.dll [2011.04.11 10:45:10 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll [2011.04.11 10:45:09 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmbusCoinstaller.dll [2011.04.11 10:45:09 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmdCoinstall.dll [2011.04.11 10:45:09 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IcCoinstall.dll [2011.04.11 10:45:09 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmictimeprovider.dll [2011.04.11 10:45:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll [2011.04.11 10:45:09 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL [2011.04.11 10:45:09 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll [2011.04.11 10:45:09 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll [2011.04.11 10:45:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx [2011.04.11 10:45:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll [2011.04.11 10:45:08 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2011.04.11 10:45:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll [2011.04.11 10:45:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL [2011.04.11 10:45:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL [2011.04.11 10:45:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL [2011.04.11 10:45:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL [2011.04.11 10:45:07 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll [2011.04.11 10:45:07 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll [2011.04.11 10:45:07 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll [2011.04.11 10:45:07 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll [2011.04.11 10:45:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL [2011.04.11 10:45:07 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL [2011.04.11 10:45:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL [2011.04.11 10:45:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL [2011.04.11 10:45:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL [2011.04.11 10:45:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL [2011.04.11 10:45:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL [2011.04.11 10:45:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL [2011.04.11 10:45:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vms3cap.sys [2011.04.11 10:45:07 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll [2011.04.11 10:45:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2011.04.11 10:43:45 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll [2011.04.11 10:43:45 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2011.04.11 10:43:10 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll [2011.04.11 10:43:06 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe [2011.04.11 10:43:06 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll [2011.04.11 10:40:56 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll [2011.04.11 10:40:56 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll [2011.04.08 10:49:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2011.04.08 10:49:42 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR [2011.04.07 16:24:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2011.04.07 16:16:57 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2011.04.06 17:23:22 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2011.04.06 17:23:22 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2011.04.06 17:23:22 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2011.04.06 16:58:37 | 000,000,000 | ---D | C] -- C:\Qoobox [2011.04.06 10:17:34 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs [2011.04.05 18:16:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.04.05 18:16:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.04.05 18:16:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.04.05 18:16:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.04.05 18:16:28 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.04.05 16:43:46 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011.04.04 14:51:34 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011.04.04 14:51:34 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011.04.04 14:51:34 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011.04.04 14:51:34 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011.04.04 14:51:34 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011.04.04 14:51:34 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011.04.04 14:51:34 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.04.04 14:51:34 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.04.04 14:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Software4u [2011.04.04 14:11:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry CleanUP 5 [2011.04.04 14:11:46 | 000,000,000 | ---D | C] -- C:\Programme\Software4u [2011.03.30 18:40:08 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe [2011.03.30 18:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2011.03.29 13:05:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP530 Manual [2011.03.29 13:05:43 | 000,000,000 | ---D | C] -- C:\Programme\Canon [2011.03.23 17:01:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sweet Home 3D [2011.03.23 17:00:52 | 000,000,000 | ---D | C] -- C:\Programme\Sweet Home 3D [2011.03.21 16:21:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother P-touch [2011.03.21 16:21:22 | 000,000,000 | ---D | C] -- C:\Programme\Brother ========== Files - Modified Within 30 Days ========== [2011.04.14 15:22:21 | 000,014,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.14 15:22:21 | 000,014,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.14 15:20:40 | 000,657,438 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.14 15:20:40 | 000,618,714 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.14 15:20:40 | 000,130,810 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.14 15:20:40 | 000,107,034 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.14 15:17:22 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.04.14 15:13:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.14 15:13:41 | 2408,927,232 | -HS- | M] () -- C:\hiberfil.sys [2011.04.13 18:48:05 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.04.13 16:52:06 | 000,001,224 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Launch Internet Explorer Browser.lnk [2011.04.11 17:15:47 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2011.04.11 17:15:47 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011.04.11 17:15:47 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011.04.11 17:15:47 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011.04.11 13:11:54 | 000,531,440 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.04.11 12:58:24 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll [2011.04.07 16:23:38 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2011.04.05 18:16:32 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.04 14:51:34 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011.04.04 14:51:34 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011.04.04 14:51:34 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011.04.04 14:51:34 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011.04.04 14:51:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011.04.04 14:51:34 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011.04.04 14:51:34 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.04.04 14:51:34 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2011.04.04 14:51:34 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.03.30 18:40:26 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.03.29 13:06:08 | 000,002,229 | ---- | M] () -- C:\Users\Public\Desktop\MP530 Online-Handbuch.lnk [2011.03.21 16:21:45 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\P-touch Editor 5.0.lnk [2011.03.18 11:17:36 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys ========== Files Created - No Company Name ========== [2011.04.13 18:31:01 | 000,000,959 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISDNWatch.lnk [2011.04.13 16:52:06 | 000,001,248 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.04.12 15:15:17 | 000,001,224 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Launch Internet Explorer Browser.lnk [2011.04.11 17:00:52 | 000,001,879 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk [2011.04.11 10:46:12 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd [2011.04.11 10:45:19 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.04.11 10:45:15 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml [2011.04.11 10:45:06 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml [2011.04.06 17:23:22 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2011.04.06 17:23:22 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011.04.06 17:23:22 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe [2011.04.06 17:23:22 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011.04.06 17:23:22 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011.04.05 18:16:32 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.04.04 14:51:34 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011.03.30 18:40:26 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011.03.30 18:40:26 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.03.29 13:05:43 | 000,002,229 | ---- | C] () -- C:\Users\Public\Desktop\MP530 Online-Handbuch.lnk [2011.03.21 16:21:45 | 000,001,975 | ---- | C] () -- C:\Users\Public\Desktop\P-touch Editor 5.0.lnk [2011.01.10 15:35:55 | 000,073,728 | ---- | C] () -- C:\Windows\System32\ETCoInst.dll [2010.12.29 12:38:10 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.11.16 11:38:15 | 000,003,072 | ---- | C] () -- C:\Windows\System32\CNCFLaNL.DLL [2010.11.10 19:16:52 | 000,000,396 | ---- | C] () -- C:\Windows\hbcikrnl.ini [2010.11.10 19:16:43 | 000,167,936 | ---- | C] () -- C:\Windows\System32\SerialXP.dll [2010.11.10 19:16:43 | 000,027,648 | ---- | C] () -- C:\Windows\System32\win32com.dll [2010.11.03 14:56:56 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe [2009.12.03 10:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2009.07.14 10:50:01 | 000,657,438 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009.07.14 10:50:01 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009.07.14 10:50:01 | 000,130,810 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009.07.14 10:50:01 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 06:33:53 | 000,531,440 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009.07.14 04:05:48 | 000,618,714 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009.07.14 04:05:48 | 000,107,034 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2008.07.22 22:27:42 | 000,061,440 | ---- | C] () -- C:\Windows\System32\PTQL5F.DLL [2007.08.16 16:17:50 | 000,143,360 | ---- | C] () -- C:\Windows\System32\nsldap32v50.dll [2007.05.08 18:33:56 | 000,001,235 | ---- | C] () -- C:\Windows\System32\PTQL5L.INI [2005.12.21 17:57:04 | 000,024,576 | ---- | C] () -- C:\Windows\System32\nsldappr32v50.dll [2005.12.21 17:54:34 | 000,040,960 | ---- | C] () -- C:\Windows\System32\nsldapssl32v50.dll ========== LOP Check ========== [2011.04.13 16:52:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FRITZ! [2011.04.01 18:14:29 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 195 bytes -> C:\ProgramData\TEMP:9453D700 < End of report > _________________________________________________________________OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 14.04.2011 15:32:36 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Desktop
An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 73,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 837,93 Gb Free Space | 92,04% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 11,67 Gb Free Space | 58,33% Space Free | Partition Type: NTFS
Drive I: | 149,01 Gb Total Space | 98,20 Gb Free Space | 65,90% Space Free | Partition Type: FAT32
Computer Name: KP-BÜRO | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{5D3DAABF-723A-44FB-9408-6AB8887DD056}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"_{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}" = CorelDRAW Graphics Suite X5 - Extra Content
"{0456406C-58AA-42FD-A8C9-3CB2C3471F3C}" = StarMoney 7.0 S-Edition
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{3215EBED-1D06-42fb-A05C-A752A46FB24C}" = Canon MP530
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{368FCA18-C510-4F87-B60E-192B9BDBAE3D}" = CorelDRAW Graphics Suite X5
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{47879FA7-BC8F-4D7F-8057-86D0416579FA}" = StarMoney
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{5D3DAABF-723A-44FB-9408-6AB8887DD056}" = Corel Graphics - Windows Shell Extension
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{68EE5C41-2F79-4F36-BE85-22A814F55AF7}" = CorelDRAW Graphics Suite X5 - ES
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8850DEC8-22FD-4F05-A3AA-49B91200C24F}" = ShadowProtect Desktop
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{8F18CFF8-8259-4148-AD00-2EE572754E92}" = CorelDRAW Graphics Suite X5 - FR
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90C67C7D-E918-402C-9856-7B13999E1786}" = StarMoney
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{92633C0F-C9BE-41E3-B439-0B508F859DB5}" = StarMoney
"{93065006-E460-4E31-B7A6-79783DD44B42}" = ShadowProtect Desktop
"{93FD6FA9-8A9E-4651-B988-5869FD6A0889}" = CONRAD USB WEBCAM
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A653AE3D-2B82-46F2-BB14-6AA4EB5EB56C}" = Lotus Notes 8.0.2 de
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{B20F9D1C-A0A5-4cd8-8306-DE95842311B1}" = REALTEK Wireless LAN Driver
"{B3B2E45F-A0FC-47C6-B399-72D9D8482C8A}" = Visual Basic for Applications (R) Core - German
"{BFE9A442-5D4B-4372-B994-FB4BCEA78662}" = CorelDRAW Graphics Suite X5 - NL
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}" = CorelDRAW Graphics Suite X5 - Extra Content
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{DC43FBD3-3E5D-419D-A981-519F1A3E6F53}" = CorelDRAW Graphics Suite X5 - IT
"{DCF22E37-A8B6-4F78-9D61-3BCB5ED38A50}" = CorelDRAW Graphics Suite X5 - DE
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}" = CorelDRAW Graphics Suite X5 - EN
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{FC338210-F594-11D3-BA24-00001C3AB4DF}" = cyberJack Base Components
"{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}" = CorelDRAW Graphics Suite X5 - BR
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"247C9365-9617-43EE-934F-84A8ADCB89D7_is1" = Registry CleanUP 5
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1212
"FRITZ! 2.0" = AVM FRITZ!
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"InstallShield_{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 11.01.1190" = Opera 11.01
"SumatraPDF" = SumatraPDF
"Sweet Home 3D_is1" = Sweet Home 3D version 3.1
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11.04.2011 04:19:02 | Computer Name = KP-Büro | Source = Application Hang | ID = 1002
Description = Programm CorelDRW.exe, Version 15.2.0.661 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: e98 Startzeit:
01cbf81fa168e7e5 Endzeit: 47 Anwendungspfad: C:\Program Files\Corel\CorelDRAW Graphics
Suite X5\Programs\CorelDRW.exe Berichts-ID:
Error - 11.04.2011 06:53:57 | Computer Name = KP-Büro | Source = VSS | ID = 12305
Description =
Error - 11.04.2011 07:19:22 | Computer Name = KP-Büro | Source = Microsoft-Windows-User Profiles Service | ID = 1508
Description = Die Registrierung konnte nicht geladen werden. Dieses Problem wird
oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen
verursacht. Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von
einem anderen Prozess verwendet wird. for C:\Users\***\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error - 11.04.2011 07:19:22 | Computer Name = KP-Büro | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL -
Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess
verwendet wird.
Error - 12.04.2011 07:43:51 | Computer Name = KP-Büro | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514,
Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: iertutil.dll, Version: 8.0.7601.17514,
Zeitstempel: 0x4ce7b84b Ausnahmecode: 0xc0000005 Fehleroffset: 0x0014e274 ID des fehlerhaften
Prozesses: 0x308 Startzeit der fehlerhaften Anwendung: 0x01cbf906ccd61414 Pfad der
fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des
fehlerhaften Moduls: C:\Windows\system32\iertutil.dll Berichtskennung: 22a74d8d-64fa-11e0-ba98-404e57434401
Error - 12.04.2011 07:44:58 | Computer Name = KP-Büro | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514,
Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: iertutil.dll, Version: 8.0.7601.17514,
Zeitstempel: 0x4ce7b84b Ausnahmecode: 0xc0000005 Fehleroffset: 0x0014e274 ID des fehlerhaften
Prozesses: 0xbcc Startzeit der fehlerhaften Anwendung: 0x01cbf906f08434f3 Pfad der
fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des
fehlerhaften Moduls: C:\Windows\system32\iertutil.dll Berichtskennung: 4a9300f1-64fa-11e0-ba98-404e57434401
Error - 12.04.2011 09:27:46 | Computer Name = KP-Büro | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary
SASDIFSV. System Error: Das System kann die angegebene Datei nicht finden. .
Error - 12.04.2011 09:27:46 | Computer Name = KP-Büro | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary
SASKUTIL. System Error: Das System kann die angegebene Datei nicht finden. .
Error - 12.04.2011 09:41:22 | Computer Name = KP-Büro | Source = Application Hang | ID = 1002
Description = Programm NLNOTES.EXE, Version 8.0.20.8220 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: f44 Startzeit:
01cbf8f6c242f4df Endzeit: 15 Anwendungspfad: C:\Program Files\IBM\Lotus\Notes\NLNOTES.EXE
Berichts-ID:
859a5fd6-650a-11e0-ba98-404e57434401
Error - 13.04.2011 12:40:53 | Computer Name = KP-Büro | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16722,
Zeitstempel: 0x4d0c2f29 Name des fehlerhaften Moduls: iertutil.dll, Version: 8.0.7601.17514,
Zeitstempel: 0x4ce7b84b Ausnahmecode: 0xc0000005 Fehleroffset: 0x0014e274 ID des fehlerhaften
Prozesses: 0xad4 Startzeit der fehlerhaften Anwendung: 0x01cbf9f97eafb14f Pfad der
fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des
fehlerhaften Moduls: C:\Windows\system32\iertutil.dll Berichtskennung: cbc5d59e-65ec-11e0-ba0d-404e57434401
[ System Events ]
Error - 13.04.2011 12:29:22 | Computer Name = KP-Büro | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Aufgabenplanung" ist vom Dienst "Windows-Ereignisprotokoll"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 13.04.2011 12:29:22 | Computer Name = KP-Büro | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Microsoft Legacy Modem Driver" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1058
Error - 13.04.2011 12:31:50 | Computer Name = KP-Büro | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Microsoft Legacy Modem Driver" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1058
Error - 13.04.2011 12:32:21 | Computer Name = KP-Büro | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
StarMoney 7.0 OnlineUpdate erreicht.
Error - 13.04.2011 12:32:24 | Computer Name = KP-Büro | Source = WMPNetworkSvc | ID = 866292
Description =
Error - 13.04.2011 12:32:25 | Computer Name = KP-Büro | Source = WMPNetworkSvc | ID = 866292
Description =
Error - 13.04.2011 12:42:38 | Computer Name = KP-Büro | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Microsoft Legacy Modem Driver" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1058
Error - 13.04.2011 12:43:09 | Computer Name = KP-Büro | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
StarMoney 7.0 OnlineUpdate erreicht.
Error - 14.04.2011 09:13:50 | Computer Name = KP-Büro | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Microsoft Legacy Modem Driver" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1058
Error - 14.04.2011 09:14:20 | Computer Name = KP-Büro | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
StarMoney 7.0 OnlineUpdate erreicht.
< End of report >
_________________________________________________________________ Schöne Grüße, larue |
|
14.04.2011, 14:58
| #44 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner TR/Spy.ZBot.asur in FXYCNO.dll OTL ist unauffällig. Schon mal eine Zurücksetzung der IE-Settings probiert? Start => Systemsteuerung => Internetoptionen => Reiter Erweitert => Unten auf Buttin Zurücksetzen klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.04.2011, 15:16
| #45 |
| | Trojaner TR/Spy.ZBot.asur in FXYCNO.dll Laaaanger Seufzer... bringt auch nichts. |
|
| Themen zu Trojaner TR/Spy.ZBot.asur in FXYCNO.dll |
| adobe, alternate, antivir, avgntflt.sys, canon, checkpoint, conduit, desktop, dllhost.exe, document, excel.exe, fehlermeldung, festplatte, firefox, fritz!, google, hängen, infizierte, infizierte datei, install.exe, intranet, jar_cache, langs, location, microsoft office word, msvcr80.dll, neustart, nicht gefunden, nicht mehr öffnen, nt.dll, nvlddmkm.sys, oldtimer, otl.exe, pc-sicherheit, plug-in, problem, programm, prozesse, recover, registry, rundll, saver, searchplugins, security scan, services.exe, shell32.dll, software, sptd.sys, start menu, starten, studio, svchost.exe, taskhost.exe, temp, trojan, trojan.agent.u, trojaner, verweise, virus, virus gefunden, visual studio, warnung, webcheck, windows |
Linear-Darstellung
