Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Trojan:Win32/Ransom.EJ auf meinem Notebook

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 17.02.2012, 01:43   #1
Bubbel
 
Trojan:Win32/Ransom.EJ auf meinem Notebook - Standard

Trojan:Win32/Ransom.EJ auf meinem Notebook



Hallo liebes Team,

ich habe seit einigen Tagen mit dem Trojan:Win32/Ransom.EJ zu kämpfen.

Ich kann den Laptop hochfahren, aber nach einiger Zeit kommt dann das schwarze Fenster mit dem Hinweis, mein Windows wurde blockiert und ich solle Geld zahlen.
Habe Microsoft Security Essentials installiert. Es zeigt bei mir bei jedem Neustart den Trojaner an, ich entferne ihn, aber beim nächsten Mal ist er wieder da.

Daraufhin habe ich Malwarebytes runtergeladen und Scans durchgeführt. Beim ersten wurde eine infizierte Datei erkannt und entfernt, aber der Trojaner ist immer noch vorhanden. In den folgenden Scans tauchen keine infizierten Datein auf.

Vollständiger Scan:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.02.14.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Bianka :: BIANKA-BAC298C4 [Administrator]

14.02.2012 21:47:08
mbam-log-2012-02-14 (21-47-08).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 187649
Laufzeit: 1 Stunde(n), 26 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Dokumente und Einstellungen\Bianka\Lokale Einstellungen\Temp\ms0cfg32.exe (Exploit.Drop.CFG) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
Quick-Scan:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.02.14.05

Windows XP Service Pack 3 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 6.0.2900.5512
Bianka :: BIANKA-BAC298C4 [Administrator]

17.02.2012 01:34:27
mbam-log-2012-02-17 (01-34-27).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 203497
Laufzeit: 12 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Zusätzlich habe ich noch das Problem, dass mein Laptop einfach so ausgeht. Kann da keine Regelmäßigkeit erkennen, irgendwann schaltet er sich einfach ab, kein Bluescreen oder sowas. einfach so als wenn man den Stecker ziehen würde. Kann das auch mit dem Trojaner zusammenhängen oder ist das ein Hardwarefehler?
Deshalb ist es auch schwierig einen vollständigen Scan durchzuführen, weil der PC entweder einfach ausgeht oder der Trojaner zuschlägt und ich selbst den Stecker ziehen muss.

Ich verstehe nicht so viel von PCs und wäre dankbar über einen Ratschlag, den ich auch als Laie versteh

Vielen Dank schonmal

Alt 17.02.2012, 10:19   #2
Chris4You
 
Trojan:Win32/Ransom.EJ auf meinem Notebook - Standard

Trojan:Win32/Ransom.EJ auf meinem Notebook



Hi,

OTL
Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop
  • Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt (OTL.TXT und EXTRAS.TXT)
  • Poste die Logfiles hier in den Thread

chris
__________________

__________________

Alt 19.02.2012, 16:40   #3
Bubbel
 
Trojan:Win32/Ransom.EJ auf meinem Notebook - Standard

Trojan:Win32/Ransom.EJ auf meinem Notebook



die otl datei ist leider so groß, dass sie weder in den anhang noch in einen post passt, deshalb teile ich sie in 3 teile.

OTL.txt:

Code:
ATTFilter
OTL logfile created on: 19.02.2012 17:18:39 - Run 2
OTL by OldTimer - Version 3.2.33.0     Folder = C:\Dokumente und Einstellungen\Bianka\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,87 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 77,97% Memory free
3,72 Gb Paging File | 3,46 Gb Available in Paging File | 92,90% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 29,29 Gb Total Space | 19,14 Gb Free Space | 65,34% Space Free | Partition Type: NTFS
Drive D: | 119,75 Gb Total Space | 116,95 Gb Free Space | 97,67% Space Free | Partition Type: NTFS
 
Computer Name: BIANKA-BAC298C4 | User Name: Bianka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Bianka\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Dokumente und Einstellungen\Bianka\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\firefox.exe (Tomasz Pawlak)
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (HidServ) --  File not found
SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (WSIMD) -- C:\WINDOWS\system32\drivers\wsimd.sys (Atheros Communications, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.02.11 17:45:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Components: D:\Programme\Mozilla Thunderbird\components [2012.02.14 15:24:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Plugins: D:\Programme\Mozilla Thunderbird\plugins
 
[2012.02.11 17:49:08 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\Mozilla\Extensions
[2012.02.14 16:32:02 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\Mozilla\Firefox\Profiles\xq9abhi8.default\extensions
[2012.02.13 10:54:48 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.02.13 10:54:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2012.02.08 21:31:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.02.14 15:23:45 | 000,001,400 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.14 15:23:45 | 000,001,679 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.02.14 15:23:45 | 000,000,947 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.14 15:23:45 | 000,006,818 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.13 22:59:14 | 000,001,272 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.14 15:23:45 | 000,000,903 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2008.04.14 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [MSC] C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [ffdwnd] C:\Dokumente und Einstellungen\Bianka\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\firefox.exe (Tomasz Pawlak)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - D:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - D:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6928255F-0557-40C7-AA77-0861A222591F}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.02.11 14:41:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.19 17:16:15 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Bianka\IETldCache
[2012.02.19 17:11:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012.02.19 17:10:53 | 011,082,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2012.02.19 17:10:53 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2012.02.19 17:10:53 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012.02.19 17:10:53 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2012.02.19 17:10:53 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2012.02.19 17:10:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2012.02.19 17:08:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012.02.19 17:05:21 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Bianka\Desktop\OTL.exe
[2012.02.17 01:33:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2012.02.17 00:22:23 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy
[2012.02.17 00:22:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
[2012.02.15 20:06:32 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\Bianka\Eigene Dateien\ICQ
[2012.02.14 21:42:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\Malwarebytes
[2012.02.14 21:42:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.02.14 21:42:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.02.14 21:42:38 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.02.14 21:42:38 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.02.14 13:14:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2012.02.13 22:59:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ICQ-Banner-Remover
[2012.02.13 22:59:44 | 000,000,000 | ---D | C] -- C:\Programme\ICQ-Banner-Remover
[2012.02.13 22:59:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\Opera
[2012.02.13 22:59:08 | 000,493,056 | ---- | C] ( datenhaus GmbH) -- C:\WINDOWS\System32\dhRichClient3.dll
[2012.02.13 22:59:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\OCS
[2012.02.13 22:58:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\DesktopIconForAmazon
[2012.02.13 22:23:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Lokale Einstellungen\Anwendungsdaten\Temp
[2012.02.13 22:23:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Lokale Einstellungen\Anwendungsdaten\Adobe
[2012.02.13 17:51:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2012.02.13 17:51:45 | 000,000,000 | ---D | C] -- C:\Programme\MSBuild
[2012.02.13 17:51:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2012.02.13 17:51:36 | 000,000,000 | ---D | C] -- C:\Programme\Reference Assemblies
[2012.02.13 17:51:13 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2012.02.13 17:51:12 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2012.02.13 17:51:12 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2012.02.13 17:51:12 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2012.02.13 17:51:12 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2012.02.13 17:51:12 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2012.02.13 16:20:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2012.02.13 14:19:52 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2012.02.13 14:19:52 | 000,017,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2012.02.13 11:33:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\OpenOffice.org
[2012.02.13 10:56:10 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\OpenOffice.org 3.3
[2012.02.13 10:55:06 | 000,000,000 | ---D | C] -- C:\Programme\OpenOffice.org 3
[2012.02.13 10:54:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2012.02.13 10:54:53 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.02.13 10:54:47 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012.02.13 10:54:47 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012.02.13 10:54:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012.02.13 10:54:47 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012.02.13 10:54:47 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012.02.13 10:54:26 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2012.02.13 10:54:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\Sun
[2012.02.13 10:39:24 | 000,006,144 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiicdxx.sys
[2012.02.13 10:39:22 | 002,782,208 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2012.02.13 10:39:22 | 000,122,880 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2012.02.13 10:39:21 | 005,435,392 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atioglxx.dll
[2012.02.13 10:39:21 | 002,060,288 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipuixx.dll
[2012.02.13 10:39:21 | 001,640,192 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2012.02.13 10:39:21 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdsxx.dll
[2012.02.13 10:39:21 | 000,180,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiok3x2.dll
[2012.02.13 10:39:21 | 000,147,456 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2012.02.13 10:39:21 | 000,114,688 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atippaxx.dll
[2012.02.13 10:39:21 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll
[2012.02.13 10:39:21 | 000,017,408 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atitvo32.dll
[2012.02.13 10:39:18 | 009,535,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atioglx2.dll
[2012.02.13 10:39:18 | 000,385,024 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atikvmag.dll
[2012.02.13 10:39:18 | 000,380,928 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiicdxx.dll
[2012.02.13 10:39:18 | 000,307,200 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll
[2012.02.13 10:39:17 | 002,940,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2012.02.13 10:39:17 | 000,368,640 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIDEMGX.dll
[2012.02.13 10:39:17 | 000,348,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\aticds10.dll
[2012.02.13 10:39:17 | 000,053,248 | ---- | C] ( ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDDC.DLL
[2012.02.13 10:39:16 | 000,499,712 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2012.02.13 10:39:16 | 000,269,312 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2012.02.13 10:39:16 | 000,122,880 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2evxx.dll
[2012.02.13 10:39:16 | 000,049,152 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2erec.dll
[2012.02.13 10:39:16 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2012.02.13 10:39:13 | 001,830,912 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atiadaxx.exe
[2012.02.13 10:39:13 | 000,344,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atiptaxx.exe
[2012.02.13 10:39:13 | 000,139,264 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atiprbxx.exe
[2012.02.13 10:39:13 | 000,061,440 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atiphexx.exe
[2012.02.13 10:39:12 | 000,026,112 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2012.02.13 10:39:11 | 000,155,648 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.rus
[2012.02.13 10:39:11 | 000,155,648 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.ptb
[2012.02.13 10:39:11 | 000,151,552 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.trk
[2012.02.13 10:39:11 | 000,151,552 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.tha
[2012.02.13 10:39:11 | 000,151,552 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.sve
[2012.02.13 10:39:10 | 000,163,840 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.ell
[2012.02.13 10:39:10 | 000,159,744 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.ita
[2012.02.13 10:39:10 | 000,159,744 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.fra
[2012.02.13 10:39:10 | 000,159,744 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.esp
[2012.02.13 10:39:10 | 000,159,744 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.deu
[2012.02.13 10:39:10 | 000,155,648 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.plk
[2012.02.13 10:39:10 | 000,155,648 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.nld
[2012.02.13 10:39:10 | 000,155,648 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.hun
[2012.02.13 10:39:10 | 000,151,552 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.nor
[2012.02.13 10:39:10 | 000,151,552 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.fin
[2012.02.13 10:39:10 | 000,151,552 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.dan
[2012.02.13 10:39:10 | 000,151,552 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.csy
[2012.02.13 10:39:10 | 000,147,456 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.enu
[2012.02.13 10:39:10 | 000,143,360 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.heb
[2012.02.13 10:39:10 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DIRECTX.CPL
[2012.02.13 10:39:10 | 000,118,784 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.jpn
[2012.02.13 10:39:10 | 000,114,688 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.kor
[2012.02.13 10:39:10 | 000,073,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atricdxx.enu
[2012.02.13 10:39:10 | 000,073,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atricdxx.dft
[2012.02.13 10:39:09 | 000,147,456 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.ara
[2012.02.13 10:39:09 | 000,106,496 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.cht
[2012.02.13 10:39:09 | 000,106,496 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atrpuixx.chs
[2012.02.13 10:26:12 | 000,000,000 | ---D | C] -- C:\Programme\MultiRes
[2012.02.13 00:23:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Lokale Einstellungen\Anwendungsdaten\ATI
[2012.02.13 00:23:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\ATI
[2012.02.12 20:42:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Lokale Einstellungen\Anwendungsdaten\Thunderbird
[2012.02.12 20:42:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\Thunderbird
[2012.02.12 20:35:33 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Bianka\Recent
[2012.02.12 20:31:17 | 000,000,000 | ---D | C] -- C:\Programme\AMD APP
[2012.02.12 20:29:18 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2012.02.12 20:28:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2012.02.12 20:26:59 | 000,000,000 | ---D | C] -- C:\AMD
[2012.02.12 20:17:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2012.02.12 18:45:30 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2012.02.12 18:37:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\Macromedia
[2012.02.12 18:37:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\Adobe
[2012.02.12 18:35:34 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.02.12 18:33:40 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client
[2012.02.12 18:33:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage
[2012.02.12 18:30:29 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2012.02.12 18:07:54 | 000,000,000 | ---D | C] -- C:\Programme\Synaptics
[2012.02.12 17:47:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012.02.12 17:43:41 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.02.12 17:43:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner
[2012.02.12 17:43:24 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2012.02.12 17:40:53 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Adobe
[2012.02.12 17:40:53 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2012.02.12 17:40:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe
[2012.02.12 17:35:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ICQ7.7
[2012.02.12 17:33:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\ICQ
[2012.02.12 17:18:20 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2012.02.12 17:17:04 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2012.02.12 17:17:04 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2012.02.12 17:17:03 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2012.02.12 17:17:03 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2012.02.12 17:17:03 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2012.02.12 17:17:03 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2012.02.12 17:17:02 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2012.02.12 17:17:02 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2012.02.12 17:17:02 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2012.02.12 17:17:02 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2012.02.12 17:17:01 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2012.02.12 17:17:01 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2012.02.12 17:17:01 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2012.02.12 17:17:00 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2012.02.12 17:17:00 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2012.02.12 17:17:00 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2012.02.12 17:16:59 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2012.02.12 17:16:59 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2012.02.12 17:16:59 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2012.02.12 17:16:58 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2012.02.12 17:16:58 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2012.02.12 17:16:58 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2012.02.12 17:16:57 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2012.02.12 17:16:57 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2012.02.12 17:16:57 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2012.02.12 17:16:56 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2012.02.12 17:16:56 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2012.02.12 17:16:56 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2012.02.12 17:16:56 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2012.02.12 17:16:55 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2012.02.12 17:16:55 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2012.02.12 17:16:55 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2012.02.12 17:16:55 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2012.02.12 17:16:54 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2012.02.12 17:16:54 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2012.02.12 17:16:54 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2012.02.12 17:16:54 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2012.02.12 17:16:54 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2012.02.12 17:16:53 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2012.02.12 17:16:53 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2012.02.12 17:16:53 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2012.02.12 17:16:53 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2012.02.12 17:16:52 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2012.02.12 17:16:52 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2012.02.12 17:16:52 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2012.02.12 17:16:52 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2012.02.12 17:16:51 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2012.02.12 17:16:51 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2012.02.12 17:16:51 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2012.02.12 17:16:50 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2012.02.12 17:16:50 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2012.02.12 17:16:50 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2012.02.12 17:16:49 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2012.02.12 17:16:49 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2012.02.12 17:16:49 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2012.02.12 17:16:48 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2012.02.12 17:16:48 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2012.02.12 17:16:48 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2012.02.12 17:16:48 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2012.02.12 17:16:47 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2012.02.12 17:16:47 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2012.02.12 17:16:47 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2012.02.12 17:16:46 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2012.02.12 17:16:46 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2012.02.12 17:16:46 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2012.02.12 17:16:46 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2012.02.12 17:16:45 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2012.02.12 17:16:44 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2012.02.12 17:16:44 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2012.02.12 17:16:43 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2012.02.12 17:16:43 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2012.02.12 17:16:42 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2012.02.12 17:16:42 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2012.02.12 17:16:42 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2012.02.12 17:16:42 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2012.02.12 17:16:41 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2012.02.12 17:16:41 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2012.02.12 17:16:41 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2012.02.12 17:16:41 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2012.02.12 17:16:40 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2012.02.12 17:16:40 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2012.02.12 17:16:40 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2012.02.12 17:16:40 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2012.02.12 17:16:40 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2012.02.12 17:16:39 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2012.02.12 17:16:39 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2012.02.12 17:16:38 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2012.02.12 17:16:38 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2012.02.12 17:16:38 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2012.02.12 17:16:37 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2012.02.12 17:16:37 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2012.02.12 17:16:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2012.02.12 16:59:01 | 002,151,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2012.02.12 16:59:01 | 002,029,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2012.02.12 16:59:00 | 002,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2012.02.12 16:58:59 | 002,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2012.02.12 16:56:47 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2012.02.12 16:56:47 | 000,018,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2012.02.12 16:56:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2012.02.12 16:56:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2012.02.11 18:43:54 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2012.02.11 18:05:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2012.02.11 18:04:20 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2012.02.11 18:04:18 | 000,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2012.02.11 18:04:16 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2012.02.11 18:04:15 | 000,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2012.02.11 18:04:13 | 000,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2012.02.11 18:04:12 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2012.02.11 18:04:10 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2012.02.11 18:04:09 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2012.02.11 18:04:07 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2012.02.11 18:04:06 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2012.02.11 18:04:04 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2012.02.11 18:03:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2012.02.11 18:03:57 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2012.02.11 18:03:57 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2012.02.11 18:03:57 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2012.02.11 18:03:57 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2012.02.11 18:03:57 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2012.02.11 18:03:57 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2012.02.11 18:03:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2012.02.11 18:03:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2012.02.11 18:03:54 | 000,086,016 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe
[2012.02.11 18:03:53 | 009,715,200 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTLCPL.exe
[2012.02.11 18:03:53 | 004,703,744 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2012.02.11 18:03:53 | 001,196,032 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlUpd.exe
[2012.02.11 18:03:53 | 000,266,240 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\RTSndMgr.cpl
[2012.02.11 18:03:51 | 002,165,760 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\MicCal.exe
[2012.02.11 18:03:50 | 002,808,832 | R--- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\alcwzrd.exe
[2012.02.11 18:03:50 | 000,299,008 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSndMgr.cpl
[2012.02.11 18:03:50 | 000,069,632 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\Alcmtr.exe
[2012.02.11 18:03:50 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2012.02.11 18:03:46 | 000,520,192 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll
[2012.02.11 18:03:46 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\HideWin.exe
[2012.02.11 18:03:08 | 000,491,520 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\cselect.exe
[2012.02.11 18:03:08 | 000,077,824 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\tosmreg.exe
[2012.02.11 18:03:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TOSHIBA
[2012.02.11 18:03:08 | 000,000,000 | ---D | C] -- C:\Programme\ltmoh
[2012.02.11 18:03:05 | 001,161,888 | R--- | C] (Agere Systems) -- C:\WINDOWS\System32\drivers\AGRSM.sys
[2012.02.11 18:03:05 | 000,050,752 | ---- | C] (Agere Systems) -- C:\WINDOWS\agrsmdel.exe
[2012.02.11 18:03:05 | 000,013,312 | R--- | C] (Agere Systems) -- C:\WINDOWS\System32\agrscoin.dll
[2012.02.11 18:03:05 | 000,009,216 | R--- | C] (Agere Systems) -- C:\WINDOWS\System32\agrsmsvc.exe
[2012.02.11 18:00:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2012.02.11 18:00:27 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\InstallShield
[2012.02.11 17:49:26 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\Bianka\Eigene Dateien\Downloads
[2012.02.11 17:48:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Lokale Einstellungen\Anwendungsdaten\Mozilla
[2012.02.11 17:48:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\Mozilla
[2012.02.11 17:45:07 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2012.02.11 15:32:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2012.02.11 15:26:42 | 000,058,208 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\wsimd.sys
[2012.02.11 15:26:42 | 000,058,208 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\wsimd.sys
[2012.02.11 15:26:31 | 001,979,328 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\athw.sys
[2012.02.11 15:26:31 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2012.02.11 15:26:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Options
[2012.02.11 15:26:31 | 000,000,000 | ---D | C] -- C:\Programme\Atheros
[2012.02.11 15:26:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\WinBatch
[2012.02.11 15:20:55 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.02.11 15:16:56 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2012.02.11 15:16:56 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2012.02.11 15:16:56 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2012.02.11 15:16:56 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2012.02.11 15:16:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2012.02.11 15:02:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Atheros
[2012.02.11 15:01:39 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2012.02.11 14:50:40 | 000,000,000 | R--D | C] -- D:\Dokumente und Einstellungen\Bianka\Eigene Dateien\Eigene Musik
[2012.02.11 14:50:40 | 000,000,000 | R--D | C] -- D:\Dokumente und Einstellungen\Bianka\Eigene Dateien\Eigene Bilder
[2012.02.11 14:47:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\Identities
[2012.02.11 14:47:52 | 000,000,000 | -H-D | C] -- C:\Programme\Uninstall Information
[2012.02.11 14:47:46 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten\Microsoft
[2012.02.11 14:47:46 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Bianka\Anwendungsdaten
[2012.02.11 14:47:46 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Bianka\Favoriten
[2012.02.11 14:47:46 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Bianka\Cookies
[2012.02.11 14:47:46 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Bianka\Druckumgebung
[2012.02.11 14:47:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Desktop
[2012.02.11 14:47:45 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Bianka\SendTo
[2012.02.11 14:47:45 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Bianka\Startmenü\Programme\Zubehör
[2012.02.11 14:47:45 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Bianka\Startmenü
[2012.02.11 14:47:45 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Bianka\Startmenü\Programme\Autostart
[2012.02.11 14:47:45 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Bianka\Vorlagen
[2012.02.11 14:47:45 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Bianka\Netzwerkumgebung
[2012.02.11 14:47:45 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Bianka\Lokale Einstellungen
[2012.02.11 14:47:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Bianka\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012.02.11 14:45:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2012.02.11 14:45:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.02.11 14:45:33 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2012.02.11 14:45:32 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Microsoft
[2012.02.11 14:45:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012.02.11 14:45:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012.02.11 14:45:11 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Microsoft
[2012.02.11 14:44:07 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2012.02.11 14:44:07 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2012.02.11 14:44:07 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2012.02.11 14:44:06 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2012.02.11 14:44:06 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2012.02.11 14:44:06 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2012.02.11 14:44:05 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2012.02.11 14:44:05 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2012.02.11 14:44:05 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2012.02.11 14:44:05 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2012.02.11 14:44:04 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2012.02.11 14:44:04 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2012.02.11 14:44:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2012.02.11 14:44:04 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2012.02.11 14:44:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2012.02.11 14:44:04 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2012.02.11 14:44:03 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2012.02.11 14:44:03 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2012.02.11 14:44:02 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2012.02.11 14:44:02 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2012.02.11 14:44:01 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2012.02.11 14:44:01 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2012.02.11 14:44:01 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2012.02.11 14:44:00 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2012.02.11 14:44:00 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2012.02.11 14:44:00 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2012.02.11 14:44:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2012.02.11 14:43:59 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2012.02.11 14:43:59 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2012.02.11 14:43:59 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2012.02.11 14:43:59 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2012.02.11 14:43:58 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2012.02.11 14:43:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2012.02.11 14:43:57 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2012.02.11 14:43:57 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2012.02.11 14:43:57 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2012.02.11 14:43:56 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2012.02.11 14:43:55 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2012.02.11 14:43:55 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2012.02.11 14:43:55 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2012.02.11 14:43:55 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2012.02.11 14:43:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2012.02.11 14:43:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2012.02.11 14:43:54 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2012.02.11 14:43:54 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2012.02.11 14:43:54 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2012.02.11 14:43:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2012.02.11 14:43:53 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2012.02.11 14:43:53 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2012.02.11 14:43:53 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2012.02.11 14:43:53 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2012.02.11 14:43:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2012.02.11 14:43:53 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2012.02.11 14:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2012.02.11 14:43:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2012.02.11 14:43:52 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2012.02.11 14:43:52 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2012.02.11 14:43:52 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2012.02.11 14:43:52 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2012.02.11 14:43:52 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2012.02.11 14:43:52 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2012.02.11 14:43:52 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2012.02.11 14:43:52 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2012.02.11 14:43:52 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2012.02.11 14:43:51 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2012.02.11 14:43:51 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2012.02.11 14:43:51 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
         
__________________

Alt 19.02.2012, 16:41   #4
Bubbel
 
Trojan:Win32/Ransom.EJ auf meinem Notebook - Standard

Trojan:Win32/Ransom.EJ auf meinem Notebook



OTL.txt Teil 2:

Code:
ATTFilter
[2012.02.11 14:43:49 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2012.02.11 14:43:49 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2012.02.11 14:43:48 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012.02.11 14:43:48 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012.02.11 14:43:48 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2012.02.11 14:43:48 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2012.02.11 14:43:47 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012.02.11 14:43:47 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2012.02.11 14:43:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2012.02.11 14:43:47 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2012.02.11 14:43:46 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2012.02.11 14:43:46 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2012.02.11 14:43:45 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2012.02.11 14:43:45 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2012.02.11 14:43:45 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2012.02.11 14:43:45 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2012.02.11 14:43:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2012.02.11 14:43:43 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2012.02.11 14:43:43 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2012.02.11 14:43:43 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2012.02.11 14:43:43 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2012.02.11 14:43:43 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2012.02.11 14:43:42 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2012.02.11 14:43:42 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2012.02.11 14:43:42 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2012.02.11 14:43:42 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2012.02.11 14:43:41 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2012.02.11 14:43:41 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2012.02.11 14:43:41 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2012.02.11 14:43:41 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2012.02.11 14:43:41 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2012.02.11 14:43:39 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2012.02.11 14:43:39 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2012.02.11 14:43:38 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2012.02.11 14:43:37 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2012.02.11 14:43:37 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2012.02.11 14:43:35 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2012.02.11 14:43:34 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2012.02.11 14:43:34 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2012.02.11 14:43:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2012.02.11 14:43:30 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2012.02.11 14:43:30 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2012.02.11 14:43:30 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2012.02.11 14:43:29 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2012.02.11 14:43:29 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2012.02.11 14:43:29 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2012.02.11 14:43:28 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2012.02.11 14:43:28 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2012.02.11 14:43:28 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2012.02.11 14:43:28 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2012.02.11 14:43:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2012.02.11 14:43:26 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2012.02.11 14:43:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2012.02.11 14:43:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2012.02.11 14:43:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2012.02.11 14:43:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2012.02.11 14:43:26 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2012.02.11 14:43:25 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2012.02.11 14:43:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2012.02.11 14:43:25 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2012.02.11 14:43:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2012.02.11 14:43:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2012.02.11 14:43:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2012.02.11 14:43:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2012.02.11 14:43:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2012.02.11 14:43:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2012.02.11 14:43:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2012.02.11 14:43:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2012.02.11 14:43:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2012.02.11 14:43:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2012.02.11 14:43:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2012.02.11 14:43:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2012.02.11 14:43:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2012.02.11 14:43:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2012.02.11 14:43:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2012.02.11 14:43:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2012.02.11 14:43:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2012.02.11 14:43:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2012.02.11 14:43:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2012.02.11 14:43:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2012.02.11 14:43:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2012.02.11 14:43:23 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2012.02.11 14:43:23 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2012.02.11 14:43:23 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2012.02.11 14:43:22 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2012.02.11 14:43:22 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2012.02.11 14:43:22 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2012.02.11 14:43:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2012.02.11 14:43:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2012.02.11 14:43:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2012.02.11 14:43:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2012.02.11 14:43:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2012.02.11 14:43:21 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2012.02.11 14:43:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2012.02.11 14:43:21 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2012.02.11 14:43:21 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2012.02.11 14:43:20 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2012.02.11 14:43:20 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2012.02.11 14:43:20 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2012.02.11 14:43:19 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2012.02.11 14:43:19 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2012.02.11 14:43:19 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2012.02.11 14:43:19 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2012.02.11 14:43:19 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2012.02.11 14:43:18 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2012.02.11 14:43:18 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2012.02.11 14:43:18 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2012.02.11 14:43:18 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2012.02.11 14:43:18 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2012.02.11 14:43:17 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2012.02.11 14:43:17 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2012.02.11 14:43:17 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2012.02.11 14:43:17 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2012.02.11 14:43:16 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2012.02.11 14:43:16 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2012.02.11 14:43:16 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2012.02.11 14:43:16 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2012.02.11 14:43:16 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2012.02.11 14:43:16 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2012.02.11 14:43:16 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2012.02.11 14:43:15 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2012.02.11 14:43:15 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2012.02.11 14:43:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2012.02.11 14:43:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2012.02.11 14:43:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2012.02.11 14:43:15 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2012.02.11 14:43:14 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2012.02.11 14:43:14 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2012.02.11 14:43:09 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2012.02.11 14:42:57 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2012.02.11 14:42:57 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2012.02.11 14:42:57 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2012.02.11 14:42:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2012.02.11 14:42:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2012.02.11 14:42:56 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2012.02.11 14:42:55 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2012.02.11 14:42:55 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2012.02.11 14:42:55 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2012.02.11 14:42:54 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2012.02.11 14:42:54 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2012.02.11 14:42:54 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2012.02.11 14:42:54 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2012.02.11 14:42:54 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2012.02.11 14:42:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2012.02.11 14:42:54 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2012.02.11 14:42:53 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2012.02.11 14:42:53 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2012.02.11 14:42:53 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2012.02.11 14:42:53 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2012.02.11 14:42:53 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2012.02.11 14:42:53 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2012.02.11 14:42:53 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2012.02.11 14:42:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2012.02.11 14:42:52 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2012.02.11 14:42:52 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2012.02.11 14:42:52 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2012.02.11 14:42:52 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2012.02.11 14:42:52 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2012.02.11 14:42:52 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2012.02.11 14:42:52 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2012.02.11 14:42:51 | 000,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2012.02.11 14:42:51 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2012.02.11 14:42:51 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2012.02.11 14:42:51 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2012.02.11 14:42:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2012.02.11 14:42:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2012.02.11 14:42:50 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2012.02.11 14:42:50 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2012.02.11 14:42:49 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2012.02.11 14:42:49 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2012.02.11 14:42:49 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2012.02.11 14:42:49 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2012.02.11 14:42:49 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2012.02.11 14:42:49 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2012.02.11 14:42:49 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2012.02.11 14:42:48 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2012.02.11 14:42:48 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2012.02.11 14:42:45 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2012.02.11 14:42:44 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2012.02.11 14:42:43 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2012.02.11 14:42:43 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2012.02.11 14:42:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2012.02.11 14:42:43 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2012.02.11 14:42:43 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2012.02.11 14:42:42 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2012.02.11 14:42:41 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2012.02.11 14:42:41 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2012.02.11 14:42:41 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2012.02.11 14:42:41 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2012.02.11 14:42:41 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2012.02.11 14:42:40 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2012.02.11 14:42:40 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2012.02.11 14:42:39 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2012.02.11 14:42:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2012.02.11 14:42:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2012.02.11 14:42:39 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2012.02.11 14:42:39 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2012.02.11 14:42:38 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2012.02.11 14:42:38 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012.02.11 14:42:38 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2012.02.11 14:42:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2012.02.11 14:42:31 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2012.02.11 14:42:30 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2012.02.11 14:42:29 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2012.02.11 14:42:29 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2012.02.11 14:42:29 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2012.02.11 14:42:29 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2012.02.11 14:42:29 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2012.02.11 14:42:28 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2012.02.11 14:42:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2012.02.11 14:42:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2012.02.11 14:42:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2012.02.11 14:42:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2012.02.11 14:42:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2012.02.11 14:42:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2012.02.11 14:42:27 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2012.02.11 14:42:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2012.02.11 14:42:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2012.02.11 14:42:26 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2012.02.11 14:42:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2012.02.11 14:42:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2012.02.11 14:42:23 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2012.02.11 14:42:23 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2012.02.11 14:42:23 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2012.02.11 14:42:23 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2012.02.11 14:42:22 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2012.02.11 14:42:22 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2012.02.11 14:42:19 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2012.02.11 14:42:19 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2012.02.11 14:42:18 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2012.02.11 14:42:18 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2012.02.11 14:42:18 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2012.02.11 14:42:18 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2012.02.11 14:42:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2012.02.11 14:42:17 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2012.02.11 14:42:17 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2012.02.11 14:42:17 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2012.02.11 14:42:17 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2012.02.11 14:42:17 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2012.02.11 14:42:17 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2012.02.11 14:42:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2012.02.11 14:42:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2012.02.11 14:42:16 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2012.02.11 14:42:16 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2012.02.11 14:42:16 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2012.02.11 14:42:16 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2012.02.11 14:42:16 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2012.02.11 14:42:15 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2012.02.11 14:42:15 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2012.02.11 14:42:15 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2012.02.11 14:42:15 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2012.02.11 14:42:15 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2012.02.11 14:42:15 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2012.02.11 14:42:15 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2012.02.11 14:42:15 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2012.02.11 14:42:14 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2012.02.11 14:42:14 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2012.02.11 14:42:14 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2012.02.11 14:42:14 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2012.02.11 14:42:14 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2012.02.11 14:42:13 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2012.02.11 14:42:13 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2012.02.11 14:42:13 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2012.02.11 14:42:13 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2012.02.11 14:42:13 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2012.02.11 14:42:12 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2012.02.11 14:42:12 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2012.02.11 14:42:11 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2012.02.11 14:42:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2012.02.11 14:42:06 | 000,000,000 | ---D | C] -- C:\Programme\xerox
[2012.02.11 14:42:06 | 000,000,000 | ---D | C] -- C:\Programme\microsoft frontpage
[2012.02.11 14:41:34 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2012.02.11 14:40:52 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\DRM
[2012.02.11 14:40:43 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012.02.11 14:40:43 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2012.02.11 14:40:33 | 000,000,000 | -H-D | C] -- C:\Programme\WindowsUpdate
[2012.02.11 14:40:29 | 000,000,000 | ---D | C] -- C:\Programme\Online-Dienste
[2012.02.11 14:40:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2012.02.11 14:40:03 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2012.02.11 14:40:03 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2012.02.11 14:40:03 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2012.02.11 14:40:02 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2012.02.11 14:40:02 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2012.02.11 14:40:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2012.02.11 14:39:53 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2012.02.11 14:39:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2012.02.11 14:39:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2012.02.11 14:39:52 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2012.02.11 14:39:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2012.02.11 14:39:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2012.02.11 14:39:51 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2012.02.11 14:39:51 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2012.02.11 14:39:51 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Dienste
[2012.02.11 14:39:48 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2012.02.11 14:39:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2012.02.11 14:39:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2012.02.11 14:39:48 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2012.02.11 14:39:47 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2012.02.11 14:39:47 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2012.02.11 14:39:47 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2012.02.11 14:39:47 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2012.02.11 14:39:47 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2012.02.11 14:39:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2012.02.11 14:39:47 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MSSoap
[2012.02.11 14:39:46 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2012.02.11 14:39:44 | 000,727,614 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2012.02.11 14:39:43 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2012.02.11 14:39:43 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2012.02.11 14:39:42 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2012.02.11 14:39:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2012.02.11 14:39:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2012.02.11 14:39:41 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2012.02.11 14:39:41 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2012.02.11 14:39:40 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2012.02.11 14:39:40 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2012.02.11 14:39:40 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2012.02.11 14:39:40 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2012.02.11 14:39:40 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2012.02.11 14:39:40 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2012.02.11 14:39:39 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2012.02.11 14:39:39 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2012.02.11 14:39:39 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2012.02.11 14:39:39 | 000,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2012.02.11 14:39:39 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2012.02.11 14:39:39 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2012.02.11 14:39:38 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2012.02.11 14:39:38 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2012.02.11 14:39:38 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2012.02.11 14:39:38 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2012.02.11 14:39:38 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2012.02.11 14:39:38 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2012.02.11 14:39:38 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2012.02.11 14:39:38 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2012.02.11 14:39:38 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2012.02.11 14:39:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2012.02.11 14:39:37 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2012.02.11 14:39:37 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2012.02.11 14:39:37 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2012.02.11 14:39:37 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2012.02.11 14:39:37 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2012.02.11 14:39:37 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2012.02.11 14:39:37 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2012.02.11 14:39:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2012.02.11 14:39:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2012.02.11 14:39:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2012.02.11 14:39:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2012.02.11 14:39:35 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2012.02.11 14:39:35 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2012.02.11 14:39:34 | 004,293,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2012.02.11 14:39:34 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2012.02.11 14:39:34 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2012.02.11 14:39:33 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2012.02.11 14:39:33 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2012.02.11 14:39:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2012.02.11 14:39:32 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2012.02.11 14:39:32 | 000,000,000 | ---D | C] -- C:\Programme\Movie Maker
[2012.02.11 14:39:16 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2012.02.11 14:39:16 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2012.02.11 14:39:16 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2012.02.11 14:39:16 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2012.02.11 14:39:16 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2012.02.11 14:39:16 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2012.02.11 14:39:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2012.02.11 14:39:13 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2012.02.11 14:39:13 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2012.02.11 14:39:13 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2012.02.11 14:39:13 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2012.02.11 14:39:13 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2012.02.11 14:39:13 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2012.02.11 14:39:13 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2012.02.11 14:39:12 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2012.02.11 14:39:12 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2012.02.11 14:39:12 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2012.02.11 14:39:12 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2012.02.11 14:39:09 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2012.02.11 14:39:09 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2012.02.11 14:39:09 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2012.02.11 14:39:09 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2012.02.11 14:39:08 | 000,385,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2012.02.11 14:39:08 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2012.02.11 14:39:08 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2012.02.11 14:39:08 | 000,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2012.02.11 14:39:08 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2012.02.11 14:39:08 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2012.02.11 14:39:08 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2012.02.11 14:39:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2012.02.11 14:39:07 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2012.02.11 14:39:07 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2012.02.11 14:39:07 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2012.02.11 14:39:07 | 000,073,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2012.02.11 14:39:07 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2012.02.11 14:39:06 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2012.02.11 14:39:06 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2012.02.11 14:39:06 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2012.02.11 14:39:06 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2012.02.11 14:39:06 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2012.02.11 14:39:06 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2012.02.11 14:39:06 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2012.02.11 14:39:06 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2012.02.11 14:39:06 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2012.02.11 14:39:06 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2012.02.11 14:39:06 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2012.02.11 14:39:05 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2012.02.11 14:39:05 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2012.02.11 14:39:05 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2012.02.11 14:39:05 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2012.02.11 14:39:05 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2012.02.11 14:39:04 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2012.02.11 14:39:04 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2012.02.11 14:39:04 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2012.02.11 14:39:04 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2012.02.11 14:39:04 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2012.02.11 14:39:04 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2012.02.11 14:39:04 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2012.02.11 14:39:04 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2012.02.11 14:39:03 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2012.02.11 14:39:03 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2012.02.11 14:39:03 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2012.02.11 14:39:03 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2012.02.11 14:39:03 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2012.02.11 14:39:03 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2012.02.11 14:39:03 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2012.02.11 14:39:03 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2012.02.11 14:39:03 | 000,000,000 | ---D | C] -- C:\Programme\NetMeeting
[2012.02.11 14:39:02 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2012.02.11 14:39:02 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2012.02.11 14:39:02 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2012.02.11 14:39:02 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2012.02.11 14:39:02 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2012.02.11 14:39:02 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2012.02.11 14:39:01 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2012.02.11 14:39:01 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2012.02.11 14:39:01 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2012.02.11 14:39:00 | 002,532,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2012.02.11 14:38:59 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2012.02.11 14:38:59 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2012.02.11 14:38:59 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2012.02.11 14:38:59 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2012.02.11 14:38:59 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2012.02.11 14:38:59 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2012.02.11 14:38:59 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2012.02.11 14:38:59 | 000,000,000 | ---D | C] -- C:\Programme\Outlook Express
[2012.02.11 14:38:58 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2012.02.11 14:38:58 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2012.02.11 14:38:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2012.02.11 14:38:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2012.02.11 14:38:58 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2012.02.11 14:38:58 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2012.02.11 14:38:58 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2012.02.11 14:38:58 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2012.02.11 14:38:57 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2012.02.11 14:38:57 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2012.02.11 14:38:57 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2012.02.11 14:38:57 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2012.02.11 14:38:57 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2012.02.11 14:38:57 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2012.02.11 14:38:57 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2012.02.11 14:38:57 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2012.02.11 14:38:56 | 000,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2012.02.11 14:38:56 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2012.02.11 14:38:56 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2012.02.11 14:38:55 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2012.02.11 14:38:55 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2012.02.11 14:38:55 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2012.02.11 14:38:55 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2012.02.11 14:38:55 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2012.02.11 14:38:55 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2012.02.11 14:38:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2012.02.11 14:38:55 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2012.02.11 14:38:54 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2012.02.11 14:38:54 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2012.02.11 14:38:54 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2012.02.11 14:38:54 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2012.02.11 14:38:54 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2012.02.11 14:38:54 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2012.02.11 14:38:54 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2012.02.11 14:38:54 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2012.02.11 14:38:54 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2012.02.11 14:38:54 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2012.02.11 14:38:54 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2012.02.11 14:38:54 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2012.02.11 14:38:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2012.02.11 14:38:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2012.02.11 14:38:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2012.02.11 14:38:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2012.02.11 14:38:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2012.02.11 14:38:53 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2012.02.11 14:38:53 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2012.02.11 14:38:53 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2012.02.11 14:38:53 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2012.02.11 14:38:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2012.02.11 14:38:53 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2012.02.11 14:38:53 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2012.02.11 14:38:53 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2012.02.11 14:38:52 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2012.02.11 14:38:52 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2012.02.11 14:38:52 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2012.02.11 14:38:52 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2012.02.11 14:38:52 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2012.02.11 14:38:52 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2012.02.11 14:38:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2012.02.11 14:38:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2012.02.11 14:38:52 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\System
[2012.02.11 14:38:51 | 000,638,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2012.02.11 14:38:51 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2012.02.11 14:38:51 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2012.02.11 14:38:47 | 000,000,000 | ---D | C] -- C:\Programme\Internet Explorer
[2012.02.11 14:38:46 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Bilder
[2012.02.11 14:38:20 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Spiele
[2012.02.11 14:38:08 | 000,000,000 | ---D | C] -- C:\Programme\ComPlus Applications
[2012.02.11 14:38:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2012.02.11 14:38:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Verwaltung
[2012.02.11 14:37:52 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Musik
[2012.02.11 14:37:52 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Player
[2012.02.11 14:37:52 | 000,000,000 | ---D | C] -- C:\Programme\Online Services
[2012.02.11 14:37:45 | 000,000,000 | ---D | C] -- C:\Programme\Messenger
[2012.02.11 14:37:44 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2012.02.11 14:37:44 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2012.02.11 14:37:44 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2012.02.11 14:37:43 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2012.02.11 14:37:43 | 000,781,397 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2012.02.11 14:37:43 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2012.02.11 14:37:43 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2012.02.11 14:37:43 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2012.02.11 14:37:43 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2012.02.11 14:37:43 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2012.02.11 14:37:43 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2012.02.11 14:37:43 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2012.02.11 14:37:43 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2012.02.11 14:37:42 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2012.02.11 14:37:42 | 001,042,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2012.02.11 14:37:42 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2012.02.11 14:37:42 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2012.02.11 14:37:42 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2012.02.11 14:37:42 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2012.02.11 14:37:42 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2012.02.11 14:37:41 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2012.02.11 14:37:41 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2012.02.11 14:37:41 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2012.02.11 14:37:41 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2012.02.11 14:37:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2012.02.11 14:37:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2012.02.11 14:37:41 | 000,000,000 | ---D | C] -- C:\Programme\MSN Gaming Zone
[2012.02.11 14:37:31 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2012.02.11 14:37:31 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2012.02.11 14:37:31 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2012.02.11 14:37:31 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2012.02.11 14:37:30 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2012.02.11 14:37:30 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2012.02.11 14:37:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2012.02.11 14:37:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2012.02.11 14:37:30 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2012.02.11 14:37:30 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2012.02.11 14:37:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2012.02.11 14:37:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2012.02.11 14:37:23 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2012.02.11 14:37:23 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2012.02.11 14:37:22 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2012.02.11 14:37:22 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2012.02.11 14:37:22 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2012.02.11 14:37:22 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2012.02.11 14:37:22 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2012.02.11 14:37:22 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2012.02.11 14:37:21 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2012.02.11 14:37:21 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2012.02.11 14:37:21 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2012.02.11 14:37:21 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2012.02.11 14:37:21 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2012.02.11 14:37:21 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2012.02.11 14:37:21 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2012.02.11 14:37:21 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2012.02.11 14:37:20 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2012.02.11 14:37:20 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2012.02.11 14:37:20 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2012.02.11 14:37:20 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2012.02.11 14:37:20 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2012.02.11 14:37:20 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2012.02.11 14:37:20 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2012.02.11 14:37:20 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2012.02.11 14:37:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2012.02.11 14:37:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2012.02.11 14:37:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2012.02.11 14:37:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2012.02.11 14:37:20 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2012.02.11 14:37:20 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2012.02.11 14:37:20 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2012.02.11 14:37:20 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2012.02.11 14:37:20 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2012.02.11 14:37:20 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2012.02.11 14:37:20 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2012.02.11 14:37:20 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2012.02.11 14:37:19 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2012.02.11 14:37:19 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2012.02.11 14:37:19 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2012.02.11 14:37:19 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2012.02.11 14:37:19 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2012.02.11 14:37:19 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2012.02.11 14:37:19 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2012.02.11 14:37:18 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2012.02.11 14:37:15 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2012.02.11 14:37:15 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2012.02.11 14:37:15 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2012.02.11 14:37:15 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2012.02.11 14:37:15 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2012.02.11 14:37:15 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2012.02.11 14:37:14 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2012.02.11 14:37:14 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2012.02.11 14:37:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2012.02.11 14:37:14 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2012.02.11 14:37:14 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2012.02.11 14:37:14 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2012.02.11 14:37:14 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2012.02.11 14:37:14 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2012.02.11 14:37:13 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2012.02.11 14:37:13 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2012.02.11 14:36:59 | 000,000,000 | ---D | C] -- C:\Programme\MSN
[2012.02.11 14:36:58 | 000,282,624 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2012.02.11 14:36:58 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2012.02.11 14:36:58 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2012.02.11 14:36:58 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2012.02.11 14:36:58 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2012.02.11 14:36:58 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2012.02.11 14:36:58 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2012.02.11 14:36:58 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2012.02.11 14:36:58 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2012.02.11 14:36:57 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2012.02.11 14:36:57 | 000,356,352 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2012.02.11 14:36:57 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2012.02.11 14:36:57 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2012.02.11 14:36:57 | 000,000,000 | ---D | C] -- C:\Programme\Windows NT
[2012.02.11 14:36:56 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2012.02.11 14:36:56 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2012.02.11 14:36:56 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2012.02.11 14:36:56 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2012.02.11 14:36:55 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2012.02.11 14:36:55 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll
[2012.02.11 14:36:55 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012.02.11 14:36:55 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2012.02.11 14:36:55 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2012.02.11 14:36:55 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2012.02.11 14:36:55 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll
[2012.02.11 14:36:55 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2012.02.11 14:36:55 | 000,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2012.02.11 14:36:54 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2012.02.11 14:36:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll
[2012.02.11 14:36:54 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2012.02.11 14:36:53 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2012.02.11 14:36:53 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2012.02.11 14:36:53 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2012.02.11 14:36:53 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2012.02.11 14:36:53 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2012.02.11 14:36:53 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2012.02.11 14:36:53 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2012.02.11 14:36:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2012.02.11 14:36:53 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2012.02.11 14:36:53 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2012.02.11 14:36:52 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2012.02.11 14:36:52 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2012.02.11 14:36:52 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2012.02.11 14:36:52 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2012.02.11 14:36:52 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2012.02.11 14:36:52 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2012.02.11 14:36:52 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2012.02.11 14:36:52 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2012.02.11 14:36:52 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2012.02.11 14:36:52 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2012.02.11 14:36:52 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2012.02.11 14:36:52 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2012.02.11 14:36:52 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2012.02.11 14:36:52 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2012.02.11 14:36:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2012.02.11 14:36:51 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2012.02.11 14:36:51 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2012.02.11 14:36:51 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2012.02.11 14:36:51 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2012.02.11 14:36:51 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2012.02.11 14:36:51 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2012.02.11 14:36:51 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2012.02.11 14:36:51 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2012.02.11 14:36:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2012.02.11 14:36:50 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2012.02.11 14:36:50 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2012.02.11 14:36:50 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2012.02.11 14:36:50 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2012.02.11 14:36:50 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2012.02.11 14:36:50 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2012.02.11 14:36:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2012.02.11 14:36:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2012.02.11 14:36:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2012.02.11 14:36:50 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2012.02.11 14:36:50 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2012.02.11 14:36:49 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2012.02.11 14:36:49 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2012.02.11 14:36:49 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2012.02.11 14:36:49 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2012.02.11 14:36:49 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2012.02.11 14:36:49 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2012.02.11 14:36:49 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2012.02.11 14:36:49 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2012.02.11 14:36:49 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2012.02.11 14:36:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2012.02.11 14:36:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2012.02.11 14:36:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2012.02.11 14:36:48 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2012.02.11 14:36:48 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2012.02.11 14:36:48 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2012.02.11 14:36:48 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2012.02.11 14:36:48 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2012.02.11 14:36:47 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2012.02.11 14:36:47 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2012.02.11 14:36:47 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2012.02.11 14:36:46 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2012.02.11 14:36:46 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2012.02.11 14:36:45 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2012.02.11 14:36:45 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2012.02.11 14:36:45 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2012.02.11 14:36:45 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2012.02.11 14:36:45 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2012.02.11 14:36:45 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2012.02.11 14:36:45 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2012.02.11 14:36:45 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2012.02.11 14:36:45 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2012.02.11 14:36:45 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2012.02.11 14:36:44 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2012.02.11 14:36:44 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2012.02.11 14:36:44 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2012.02.11 14:36:44 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2012.02.11 14:36:44 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2012.02.11 14:36:44 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2012.02.11 14:36:44 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
         

Alt 19.02.2012, 16:43   #5
Bubbel
 
Trojan:Win32/Ransom.EJ auf meinem Notebook - Standard

Trojan:Win32/Ransom.EJ auf meinem Notebook



OTL.txt Teil 3:

Code:
ATTFilter
[2012.02.11 14:36:44 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2012.02.11 14:36:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2012.02.11 14:36:44 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2012.02.11 14:36:44 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2012.02.11 14:36:43 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2012.02.11 14:36:43 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2012.02.11 14:36:43 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2012.02.11 14:36:43 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2012.02.11 14:36:43 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2012.02.11 14:36:43 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2012.02.11 14:36:42 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2012.02.11 14:36:42 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2012.02.11 14:36:42 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2012.02.11 14:36:42 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2012.02.11 14:36:42 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2012.02.11 14:36:42 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2012.02.11 14:36:42 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2012.02.11 14:36:42 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2012.02.11 14:36:41 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2012.02.11 14:36:41 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2012.02.11 14:36:40 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2012.02.11 14:36:40 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2012.02.11 14:36:40 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2012.02.11 14:36:40 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2012.02.11 14:36:40 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2012.02.11 14:36:40 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2012.02.11 14:36:40 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2012.02.11 14:36:40 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2012.02.11 14:36:35 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Videos
[2012.02.11 14:34:28 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Zubehör
[2012.02.11 14:29:30 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2012.02.11 14:29:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2012.02.11 14:28:55 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2012.02.11 14:27:50 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2012.02.11 14:27:49 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ODBC
[2012.02.11 14:27:48 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2012.02.11 14:27:48 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2012.02.11 14:27:47 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2012.02.11 14:27:46 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2012.02.11 14:27:46 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2012.02.11 14:27:46 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\SpeechEngines
[2012.02.11 14:27:45 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2012.02.11 14:27:45 | 000,000,000 | R--D | C] -- C:\Programme
[2012.02.11 14:27:45 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared
[2012.02.11 14:27:45 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien
[2012.02.11 14:27:43 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2012.02.11 14:27:43 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2012.02.11 14:27:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2012.02.11 14:27:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2012.02.11 14:27:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2012.02.11 14:27:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2012.02.11 14:27:41 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2012.02.11 14:27:41 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2012.02.11 14:27:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2012.02.11 14:27:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2012.02.11 14:27:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2012.02.11 14:27:41 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2012.02.11 14:27:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2012.02.11 14:27:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2012.02.11 14:27:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2012.02.11 14:27:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2012.02.11 14:27:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2012.02.11 14:27:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2012.02.11 14:27:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2012.02.11 14:27:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2012.02.11 14:27:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2012.02.11 14:27:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2012.02.11 14:27:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2012.02.11 14:27:39 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2012.02.11 14:27:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2012.02.11 14:27:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2012.02.11 14:27:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2012.02.11 14:27:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2012.02.11 14:27:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2012.02.11 14:27:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2012.02.11 14:27:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2012.02.11 14:27:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2012.02.11 14:27:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2012.02.11 14:27:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2012.02.11 14:27:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2012.02.11 14:27:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2012.02.11 14:27:37 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2012.02.11 14:27:37 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2012.02.11 14:27:37 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2012.02.11 14:27:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2012.02.11 14:27:37 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2012.02.11 14:27:37 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2012.02.11 14:27:37 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2012.02.11 14:27:37 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2012.02.11 14:27:37 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2012.02.11 14:27:37 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2012.02.11 14:27:37 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2012.02.11 14:27:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2012.02.11 14:27:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2012.02.11 14:27:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2012.02.11 14:27:35 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2012.02.11 14:27:35 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2012.02.11 14:27:35 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2012.02.11 14:27:35 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2012.02.11 14:27:35 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2012.02.11 14:27:35 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2012.02.11 14:27:35 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2012.02.11 14:27:35 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2012.02.11 14:27:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2012.02.11 14:27:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2012.02.11 14:27:34 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2012.02.11 14:27:34 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2012.02.11 14:27:34 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2012.02.11 14:27:34 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2012.02.11 14:27:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2012.02.11 14:27:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2012.02.11 14:27:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2012.02.11 14:27:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2012.02.11 14:27:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2012.02.11 14:27:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2012.02.11 14:27:34 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2012.02.11 14:27:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2012.02.11 14:27:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2012.02.11 14:27:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2012.02.11 14:27:33 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2012.02.11 14:27:33 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2012.02.11 14:27:33 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2012.02.11 14:27:33 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2012.02.11 14:27:33 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2012.02.11 14:27:33 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2012.02.11 14:27:33 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2012.02.11 14:27:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2012.02.11 14:27:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2012.02.11 14:27:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2012.02.11 14:27:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2012.02.11 14:27:33 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2012.02.11 14:27:31 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2012.02.11 14:27:31 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2012.02.11 14:27:31 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2012.02.11 14:27:31 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2012.02.11 14:27:31 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2012.02.11 14:27:31 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2012.02.11 14:27:31 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2012.02.11 14:27:31 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2012.02.11 14:27:30 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2012.02.11 14:27:30 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2012.02.11 14:27:30 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2012.02.11 14:27:30 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2012.02.11 14:27:30 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2012.02.11 14:27:30 | 000,009,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2012.02.11 14:27:30 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2012.02.11 14:27:30 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2012.02.11 14:27:30 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2012.02.11 14:27:30 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2012.02.11 14:27:30 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2012.02.11 14:27:29 | 000,127,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2012.02.11 14:27:29 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2012.02.11 14:27:29 | 000,073,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2012.02.11 14:27:29 | 000,033,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2012.02.11 14:27:29 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2012.02.11 14:27:29 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2012.02.11 14:27:29 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2012.02.11 14:27:29 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2012.02.11 14:27:29 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2012.02.11 14:27:29 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2012.02.11 14:27:28 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2012.02.11 14:27:28 | 000,109,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2012.02.11 14:27:28 | 000,070,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2012.02.11 14:27:28 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2012.02.11 14:27:28 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2012.02.11 14:27:28 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2012.02.11 14:27:28 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2012.02.11 14:27:28 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2012.02.11 14:27:27 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2012.02.11 14:27:26 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2012.02.11 14:27:17 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü
[2012.02.11 14:27:17 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente
[2012.02.11 14:27:17 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
[2012.02.11 14:27:17 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Vorlagen
[2012.02.11 14:27:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Favoriten
[2012.02.11 14:27:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Desktop
[2012.02.11 14:27:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2012.02.11 14:27:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2012.02.11 14:26:58 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
[2012.02.11 14:26:58 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten
[2012.02.11 14:26:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.19 17:22:59 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012.02.19 17:18:11 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2012.02.19 17:17:58 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.02.19 17:17:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.02.19 17:13:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.02.19 17:05:33 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Bianka\Desktop\OTL.exe
[2012.02.17 01:13:12 | 000,000,245 | -HS- | M] () -- C:\boot.ini
[2012.02.17 00:15:10 | 000,449,758 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.02.17 00:15:10 | 000,433,478 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.02.17 00:15:10 | 000,080,468 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.02.17 00:15:10 | 000,067,858 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.02.15 17:46:57 | 000,120,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.02.13 10:54:32 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012.02.13 10:54:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012.02.13 10:54:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012.02.13 10:54:32 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012.02.13 10:54:31 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012.02.13 10:46:03 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.02.13 10:36:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.02.13 10:25:36 | 000,472,576 | ---- | M] () -- C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe
[2012.02.12 18:34:28 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012.02.12 17:35:04 | 000,000,579 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ICQ7.7.lnk
[2012.02.11 18:05:25 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2012.02.11 18:05:25 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2012.02.11 18:03:46 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\HideWin.exe
[2012.02.11 15:32:20 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2012.02.11 14:45:15 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2012.02.11 14:44:16 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012.02.11 14:41:49 | 000,002,951 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.02.11 14:41:49 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012.02.11 14:41:49 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012.02.11 14:41:49 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012.02.11 14:41:49 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012.02.11 14:41:45 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012.02.11 14:41:45 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012.02.11 14:41:45 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012.02.11 14:41:34 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012.02.11 14:38:19 | 000,021,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012.02.11 14:31:06 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2012.01.31 13:44:05 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.02.15 16:49:33 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.15 16:49:33 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012.02.13 22:59:09 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\sqlite36_engine.dll
[2012.02.13 16:20:13 | 000,000,260 | ---- | C] () -- C:\WINDOWS\tasks\WGASetup.job
[2012.02.13 16:10:18 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.02.13 10:40:35 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2012.02.13 10:39:13 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\atiiprxx.exe
[2012.02.13 10:39:11 | 000,047,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativvpxx.vp
[2012.02.13 10:39:11 | 000,007,849 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.vxd
[2012.02.13 10:39:11 | 000,002,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativdkxx.vp
[2012.02.13 10:39:11 | 000,002,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativckxx.vp
[2012.02.13 10:39:11 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.vp
[2012.02.13 10:39:10 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2012.02.13 10:39:10 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2012.02.13 10:39:10 | 001,311,202 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.cpa
[2012.02.13 10:39:10 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2012.02.13 10:39:10 | 000,473,475 | ---- | C] () -- C:\WINDOWS\System32\atmkorxx.hlx
[2012.02.13 10:39:10 | 000,399,936 | ---- | C] () -- C:\WINDOWS\System32\atmjpnxx.hlx
[2012.02.13 10:39:10 | 000,370,049 | ---- | C] () -- C:\WINDOWS\System32\atmthaxx.hlx
[2012.02.13 10:39:10 | 000,356,937 | ---- | C] () -- C:\WINDOWS\System32\atmtrkxx.hlx
[2012.02.13 10:39:10 | 000,353,829 | ---- | C] () -- C:\WINDOWS\System32\atmrusxx.hlx
[2012.02.13 10:39:10 | 000,189,356 | ---- | C] () -- C:\WINDOWS\System32\atmchsxx.hlx
[2012.02.13 10:39:10 | 000,158,080 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2012.02.13 10:39:10 | 000,155,364 | ---- | C] () -- C:\WINDOWS\System32\atmaraxx.hlx
[2012.02.13 10:39:10 | 000,148,616 | ---- | C] () -- C:\WINDOWS\System32\atmhunxx.hlx
[2012.02.13 10:39:10 | 000,148,498 | ---- | C] () -- C:\WINDOWS\System32\atmplkxx.hlx
[2012.02.13 10:39:10 | 000,148,083 | ---- | C] () -- C:\WINDOWS\System32\atmellxx.hlx
[2012.02.13 10:39:10 | 000,147,444 | ---- | C] () -- C:\WINDOWS\System32\atmdeuxx.hlx
[2012.02.13 10:39:10 | 000,145,641 | ---- | C] () -- C:\WINDOWS\System32\atmcsyxx.hlx
[2012.02.13 10:39:10 | 000,145,421 | ---- | C] () -- C:\WINDOWS\System32\atmchtxx.hlx
[2012.02.13 10:39:10 | 000,145,090 | ---- | C] () -- C:\WINDOWS\System32\atmfraxx.hlx
[2012.02.13 10:39:10 | 000,144,323 | ---- | C] () -- C:\WINDOWS\System32\atmhebxx.hlx
[2012.02.13 10:39:10 | 000,144,213 | ---- | C] () -- C:\WINDOWS\System32\atmfinxx.hlx
[2012.02.13 10:39:10 | 000,142,359 | ---- | C] () -- C:\WINDOWS\System32\atmdanxx.hlx
[2012.02.13 10:39:10 | 000,141,754 | ---- | C] () -- C:\WINDOWS\System32\attkorxx.hlx
[2012.02.13 10:39:10 | 000,141,746 | ---- | C] () -- C:\WINDOWS\System32\atmsvexx.hlx
[2012.02.13 10:39:10 | 000,140,646 | ---- | C] () -- C:\WINDOWS\System32\atmitaxx.hlx
[2012.02.13 10:39:10 | 000,140,307 | ---- | C] () -- C:\WINDOWS\System32\atmptbxx.hlx
[2012.02.13 10:39:10 | 000,140,040 | ---- | C] () -- C:\WINDOWS\System32\atmespxx.hlx
[2012.02.13 10:39:10 | 000,139,835 | ---- | C] () -- C:\WINDOWS\System32\atmnldxx.hlx
[2012.02.13 10:39:10 | 000,139,810 | ---- | C] () -- C:\WINDOWS\System32\atmnorxx.hlx
[2012.02.13 10:39:10 | 000,136,272 | ---- | C] () -- C:\WINDOWS\System32\atmenuxx.hlx
[2012.02.13 10:39:10 | 000,124,376 | ---- | C] () -- C:\WINDOWS\System32\attjpnxx.hlx
[2012.02.13 10:39:10 | 000,120,302 | ---- | C] () -- C:\WINDOWS\System32\atttrkxx.hlx
[2012.02.13 10:39:10 | 000,066,161 | ---- | C] () -- C:\WINDOWS\System32\atfkorxx.hlx
[2012.02.13 10:39:10 | 000,049,807 | ---- | C] () -- C:\WINDOWS\System32\atfjpnxx.hlx
[2012.02.13 10:39:10 | 000,048,174 | ---- | C] () -- C:\WINDOWS\System32\atftrkxx.hlx
[2012.02.13 10:39:10 | 000,045,991 | ---- | C] () -- C:\WINDOWS\System32\attchsxx.hlx
[2012.02.13 10:39:10 | 000,045,762 | ---- | C] () -- C:\WINDOWS\System32\attellxx.hlx
[2012.02.13 10:39:10 | 000,045,716 | ---- | C] () -- C:\WINDOWS\System32\atthunxx.hlx
[2012.02.13 10:39:10 | 000,045,632 | ---- | C] () -- C:\WINDOWS\System32\atthebxx.hlx
[2012.02.13 10:39:10 | 000,045,580 | ---- | C] () -- C:\WINDOWS\System32\attrusxx.hlx
[2012.02.13 10:39:10 | 000,045,411 | ---- | C] () -- C:\WINDOWS\System32\attfraxx.hlx
[2012.02.13 10:39:10 | 000,045,352 | ---- | C] () -- C:\WINDOWS\System32\attptbxx.hlx
[2012.02.13 10:39:10 | 000,044,980 | ---- | C] () -- C:\WINDOWS\System32\attespxx.hlx
[2012.02.13 10:39:10 | 000,044,814 | ---- | C] () -- C:\WINDOWS\System32\attdeuxx.hlx
[2012.02.13 10:39:10 | 000,044,687 | ---- | C] () -- C:\WINDOWS\System32\attdanxx.hlx
[2012.02.13 10:39:10 | 000,044,635 | ---- | C] () -- C:\WINDOWS\System32\attchtxx.hlx
[2012.02.13 10:39:10 | 000,044,514 | ---- | C] () -- C:\WINDOWS\System32\attcsyxx.hlx
[2012.02.13 10:39:10 | 000,044,430 | ---- | C] () -- C:\WINDOWS\System32\attplkxx.hlx
[2012.02.13 10:39:10 | 000,044,109 | ---- | C] () -- C:\WINDOWS\System32\attitaxx.hlx
[2012.02.13 10:39:10 | 000,043,526 | ---- | C] () -- C:\WINDOWS\System32\attnldxx.hlx
[2012.02.13 10:39:10 | 000,043,310 | ---- | C] () -- C:\WINDOWS\System32\attfinxx.hlx
[2012.02.13 10:39:10 | 000,043,288 | ---- | C] () -- C:\WINDOWS\System32\attnorxx.hlx
[2012.02.13 10:39:10 | 000,043,070 | ---- | C] () -- C:\WINDOWS\System32\attaraxx.hlx
[2012.02.13 10:39:10 | 000,041,943 | ---- | C] () -- C:\WINDOWS\System32\attthaxx.hlx
[2012.02.13 10:39:10 | 000,041,265 | ---- | C] () -- C:\WINDOWS\System32\attsvexx.hlx
[2012.02.13 10:39:10 | 000,040,651 | ---- | C] () -- C:\WINDOWS\System32\attenuxx.hlx
[2012.02.13 10:39:10 | 000,027,697 | ---- | C] () -- C:\WINDOWS\System32\atfhebxx.hlx
[2012.02.13 10:39:10 | 000,026,864 | ---- | C] () -- C:\WINDOWS\System32\atfchsxx.hlx
[2012.02.13 10:39:10 | 000,026,138 | ---- | C] () -- C:\WINDOWS\System32\atfplkxx.hlx
[2012.02.13 10:39:10 | 000,025,327 | ---- | C] () -- C:\WINDOWS\System32\atfrusxx.hlx
[2012.02.13 10:39:10 | 000,025,224 | ---- | C] () -- C:\WINDOWS\System32\atfellxx.hlx
[2012.02.13 10:39:10 | 000,024,892 | ---- | C] () -- C:\WINDOWS\System32\atfhunxx.hlx
[2012.02.13 10:39:10 | 000,024,873 | ---- | C] () -- C:\WINDOWS\System32\atfthaxx.hlx
[2012.02.13 10:39:10 | 000,024,712 | ---- | C] () -- C:\WINDOWS\System32\atfptbxx.hlx
[2012.02.13 10:39:10 | 000,024,652 | ---- | C] () -- C:\WINDOWS\System32\atfaraxx.hlx
[2012.02.13 10:39:10 | 000,024,640 | ---- | C] () -- C:\WINDOWS\System32\atffraxx.hlx
[2012.02.13 10:39:10 | 000,024,589 | ---- | C] () -- C:\WINDOWS\System32\atfchtxx.hlx
[2012.02.13 10:39:10 | 000,024,569 | ---- | C] () -- C:\WINDOWS\System32\atfcsyxx.hlx
[2012.02.13 10:39:10 | 000,024,557 | ---- | C] () -- C:\WINDOWS\System32\atfdeuxx.hlx
[2012.02.13 10:39:10 | 000,024,506 | ---- | C] () -- C:\WINDOWS\System32\atfitaxx.hlx
[2012.02.13 10:39:10 | 000,024,382 | ---- | C] () -- C:\WINDOWS\System32\atfespxx.hlx
[2012.02.13 10:39:10 | 000,024,260 | ---- | C] () -- C:\WINDOWS\System32\atffinxx.hlx
[2012.02.13 10:39:10 | 000,024,229 | ---- | C] () -- C:\WINDOWS\System32\atfnorxx.hlx
[2012.02.13 10:39:10 | 000,024,186 | ---- | C] () -- C:\WINDOWS\System32\atfnldxx.hlx
[2012.02.13 10:39:10 | 000,024,065 | ---- | C] () -- C:\WINDOWS\System32\atfdanxx.hlx
[2012.02.13 10:39:10 | 000,023,980 | ---- | C] () -- C:\WINDOWS\System32\atfsvexx.hlx
[2012.02.13 10:39:10 | 000,023,224 | ---- | C] () -- C:\WINDOWS\System32\atfenuxx.hlx
[2012.02.13 10:39:09 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.msi
[2012.02.13 10:39:09 | 000,034,920 | ---- | C] () -- C:\WINDOWS\System32\omega_drivers.bmp
[2012.02.13 10:39:09 | 000,014,096 | ---- | C] () -- C:\WINDOWS\System32\atioglgl.xml
[2012.02.13 10:39:09 | 000,011,717 | ---- | C] () -- C:\WINDOWS\atiogl.xml
[2012.02.13 10:39:09 | 000,007,167 | ---- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2012.02.13 10:39:09 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini
[2012.02.13 10:36:15 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.02.13 10:25:35 | 000,472,576 | ---- | C] () -- C:\WINDOWS\Radeon Omega Drivers v4.8.442 Uninstall.exe
[2012.02.12 20:42:18 | 000,000,718 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Thunderbird.lnk
[2012.02.12 18:39:18 | 000,000,416 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012.02.12 18:34:28 | 000,001,912 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012.02.12 18:33:52 | 000,001,652 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Security Essentials.lnk
[2012.02.12 17:41:27 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader X.lnk
[2012.02.12 17:35:04 | 000,000,579 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ICQ7.7.lnk
[2012.02.11 18:05:25 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2012.02.11 18:05:25 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2012.02.11 18:04:30 | 000,000,553 | R--- | C] () -- C:\WINDOWS\USetup.iss
[2012.02.11 18:04:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012.02.11 18:03:55 | 000,000,852 | R--- | C] () -- C:\WINDOWS\System32\drivers\RTKHDRC1.dat
[2012.02.11 18:03:55 | 000,000,852 | R--- | C] () -- C:\WINDOWS\System32\drivers\RTKHDRC0.dat
[2012.02.11 18:03:55 | 000,000,520 | R--- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2012.02.11 18:03:55 | 000,000,520 | R--- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2012.02.11 18:03:55 | 000,000,176 | R--- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ1.dat
[2012.02.11 18:03:55 | 000,000,176 | R--- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat
[2012.02.11 18:03:08 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2012.02.11 18:03:08 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2012.02.11 18:03:08 | 000,010,150 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2012.02.11 18:03:08 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2012.02.11 17:45:10 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2012.02.11 15:32:21 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2012.02.11 15:26:42 | 000,042,475 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.cat
[2012.02.11 15:26:42 | 000,042,065 | ---- | C] () -- C:\WINDOWS\System32\wsimd.cat
[2012.02.11 15:26:42 | 000,005,361 | ---- | C] () -- C:\WINDOWS\System32\wsimdp.inf
[2012.02.11 15:26:42 | 000,002,179 | ---- | C] () -- C:\WINDOWS\System32\wsimd.inf
[2012.02.11 15:25:34 | 000,000,245 | -HS- | C] () -- C:\boot.ini
[2012.02.11 15:25:30 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2012.02.11 14:47:54 | 000,000,718 | ---- | C] () -- C:\Dokumente und Einstellungen\Bianka\Startmenü\Programme\Outlook Express.lnk
[2012.02.11 14:47:46 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Bianka\Startmenü\Programme\Remoteunterstützung.lnk
[2012.02.11 14:47:46 | 000,000,772 | ---- | C] () -- C:\Dokumente und Einstellungen\Bianka\Startmenü\Programme\Windows Media Player.lnk
[2012.02.11 14:45:15 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2012.02.11 14:44:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.02.11 14:43:42 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012.02.11 14:43:26 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012.02.11 14:43:19 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012.02.11 14:43:18 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012.02.11 14:43:15 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012.02.11 14:43:02 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012.02.11 14:42:56 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012.02.11 14:42:51 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012.02.11 14:42:41 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012.02.11 14:41:49 | 000,002,951 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.02.11 14:41:49 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012.02.11 14:41:49 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012.02.11 14:41:49 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2012.02.11 14:41:49 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2012.02.11 14:41:45 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2012.02.11 14:41:45 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2012.02.11 14:41:44 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2012.02.11 14:40:32 | 000,000,758 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows Movie Maker.lnk
[2012.02.11 14:40:18 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2012.02.11 14:40:00 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2012.02.11 14:40:00 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2012.02.11 14:39:53 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2012.02.11 14:39:10 | 000,380,416 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2012.02.11 14:38:21 | 000,000,621 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows Messenger.lnk
[2012.02.11 14:38:19 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012.02.11 14:37:52 | 000,002,004 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MSN.lnk
[2012.02.11 14:37:25 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe-Stuck.bmp
[2012.02.11 14:37:25 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Fächer.bmp
[2012.02.11 14:37:25 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotek.bmp
[2012.02.11 14:37:24 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Seifenblase.bmp
[2012.02.11 14:37:24 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Präriewind.bmp
[2012.02.11 14:37:24 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Granit.bmp
[2012.02.11 14:37:24 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2012.02.11 14:37:24 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Angler.bmp
[2012.02.11 14:37:24 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kaffeetasse.bmp
[2012.02.11 14:37:24 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Feder.bmp
[2012.02.11 14:37:24 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blaue Spitzen 16.bmp
[2012.02.11 14:37:21 | 000,001,237 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2012.02.11 14:37:20 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2012.02.11 14:37:19 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2012.02.11 14:37:13 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2012.02.11 14:31:06 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2012.02.11 14:27:49 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.02.11 14:27:47 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2012.02.11 14:27:47 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2012.02.11 14:27:46 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2012.02.11 14:27:46 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2012.02.11 14:27:28 | 000,001,806 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012.02.11 14:27:17 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2012.02.11 14:27:17 | 000,105,926 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2012.02.11 14:27:17 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2012.02.11 14:27:17 | 000,021,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2012.02.11 14:27:17 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2012.02.11 14:27:17 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012.02.11 14:27:16 | 001,246,537 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2012.02.11 14:27:16 | 000,817,199 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012.02.11 14:27:16 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012.02.11 14:27:16 | 000,041,270 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012.02.11 14:27:16 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012.02.11 14:27:16 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012.02.11 14:27:16 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012.02.11 14:27:16 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012.02.11 14:27:16 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012.02.11 14:27:16 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012.02.11 14:27:16 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012.02.11 14:27:15 | 002,039,179 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012.02.11 14:27:15 | 000,631,338 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012.02.11 14:26:32 | 000,120,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.05 22:04:00 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011.12.05 22:03:52 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll

< End of report >
         


Alt 19.02.2012, 16:43   #6
Bubbel
 
Trojan:Win32/Ransom.EJ auf meinem Notebook - Standard

Trojan:Win32/Ransom.EJ auf meinem Notebook



Und jetzt noch die Extras.txt:

Code:
ATTFilter
OTL Extras logfile created on: 19.02.2012 17:18:39 - Run 2
OTL by OldTimer - Version 3.2.33.0     Folder = C:\Dokumente und Einstellungen\Bianka\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,87 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 77,97% Memory free
3,72 Gb Paging File | 3,46 Gb Available in Paging File | 92,90% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 29,29 Gb Total Space | 19,14 Gb Free Space | 65,34% Space Free | Partition Type: NTFS
Drive D: | 119,75 Gb Total Space | 116,95 Gb Free Space | 97,67% Space Free | Partition Type: NTFS
 
Computer Name: BIANKA-BAC298C4 | User Name: Bianka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Programme\ICQ7.7\ICQ.exe" = D:\Programme\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7 -- (ICQ, LLC.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Programme\ICQ7.7\ICQ.exe" = D:\Programme\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7 -- (ICQ, LLC.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1" = ICQ 7.7 Build #6547 Banner Remover 1.0
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{33824DAC-3F98-0BB6-56D5-7DE1A3CCC068}" = Catalyst Control Center Localization German
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3621A2DF-0870-FE7E-674F-1DBCB18C5D22}" = ccc-utility
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{53BABC75-1DC1-479B-224B-1EB9E18A799B}" = CCC Help German
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{678F1F2D-F214-08D4-67FB-AC04316C4940}" = ccc-core-static
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{B4369E44-8703-E769-A711-40EE5000AC2C}" = Catalyst Control Center Core Implementation
"{B7DE7B5E-4A2B-B709-E133-EC74C81E654A}" = Catalyst Control Center Graphics Full New
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D95AAA04-9BEF-54B3-CD70-348AC1155DAB}" = Catalyst Control Center Graphics Full Existing
"{D9C7C58C-AC51-EDBF-CF22-E4E1B93ED50D}" = Skins
"{E015B7D9-01AD-FE29-052A-489F4F29ED7F}" = Catalyst Control Center Graphics Light
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ATI Display Driver" = ATI Display Driver (Omega 3.8.442)
"CCleaner" = CCleaner
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 10.0.1 (x86 de)" = Mozilla Firefox 10.0.1 (x86 de)
"Mozilla Thunderbird 10.0.1 (x86 de)" = Mozilla Thunderbird 10.0.1 (x86 de)
"MultiRes (remove only)" = MultiRes (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 16.02.2012 13:32:34 | Computer Name = BIANKA-BAC298C4 | Source = LoadPerf | ID = 3001
Description = Der Wert für die Namenszeichenfolge im Leistungsindikator in der Registrierung
ist
 falsch formatiert. Die ungültige Zeichenfolge ist 9706 und der ungültige  Indexwert
 ist das erste DWORD im Datenbereich, während die letzten gültigen  Indexwerte die
 zweiten und dritten DWORD im Datenbereich sind.
 
Error - 16.02.2012 18:52:24 | Computer Name = BIANKA-BAC298C4 | Source = LoadPerf | ID = 3001
Description = Der Wert für die Namenszeichenfolge im Leistungsindikator in der Registrierung
ist
 falsch formatiert. Die ungültige Zeichenfolge ist 9706 und der ungültige  Indexwert
 ist das erste DWORD im Datenbereich, während die letzten gültigen  Indexwerte die
 zweiten und dritten DWORD im Datenbereich sind.
 
Error - 16.02.2012 18:52:25 | Computer Name = BIANKA-BAC298C4 | Source = LoadPerf | ID = 3001
Description = Der Wert für die Namenszeichenfolge im Leistungsindikator in der Registrierung
ist
 falsch formatiert. Die ungültige Zeichenfolge ist 9706 und der ungültige  Indexwert
 ist das erste DWORD im Datenbereich, während die letzten gültigen  Indexwerte die
 zweiten und dritten DWORD im Datenbereich sind.
 
Error - 16.02.2012 18:52:25 | Computer Name = BIANKA-BAC298C4 | Source = LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
 für  Dienst WmiApRpl (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 
Error - 16.02.2012 18:52:28 | Computer Name = BIANKA-BAC298C4 | Source = LoadPerf | ID = 3001
Description = Der Wert für die Namenszeichenfolge im Leistungsindikator in der Registrierung
ist
 falsch formatiert. Die ungültige Zeichenfolge ist 9706 und der ungültige  Indexwert
 ist das erste DWORD im Datenbereich, während die letzten gültigen  Indexwerte die
 zweiten und dritten DWORD im Datenbereich sind.
 
Error - 16.02.2012 19:03:55 | Computer Name = BIANKA-BAC298C4 | Source = LoadPerf | ID = 3001
Description = Der Wert für die Namenszeichenfolge im Leistungsindikator in der Registrierung
ist
 falsch formatiert. Die ungültige Zeichenfolge ist 9706 und der ungültige  Indexwert
 ist das erste DWORD im Datenbereich, während die letzten gültigen  Indexwerte die
 zweiten und dritten DWORD im Datenbereich sind.
 
Error - 16.02.2012 19:03:56 | Computer Name = BIANKA-BAC298C4 | Source = LoadPerf | ID = 3001
Description = Der Wert für die Namenszeichenfolge im Leistungsindikator in der Registrierung
ist
 falsch formatiert. Die ungültige Zeichenfolge ist 9706 und der ungültige  Indexwert
 ist das erste DWORD im Datenbereich, während die letzten gültigen  Indexwerte die
 zweiten und dritten DWORD im Datenbereich sind.
 
Error - 16.02.2012 19:03:56 | Computer Name = BIANKA-BAC298C4 | Source = LoadPerf | ID = 3011
Description = Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren
 für  Dienst WmiApRpl (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
 
Error - 16.02.2012 19:03:59 | Computer Name = BIANKA-BAC298C4 | Source = LoadPerf | ID = 3001
Description = Der Wert für die Namenszeichenfolge im Leistungsindikator in der Registrierung
ist
 falsch formatiert. Die ungültige Zeichenfolge ist 9706 und der ungültige  Indexwert
 ist das erste DWORD im Datenbereich, während die letzten gültigen  Indexwerte die
 zweiten und dritten DWORD im Datenbereich sind.
 
Error - 19.02.2012 12:10:25 | Computer Name = BIANKA-BAC298C4 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80240016, P2 begininstall, P3 install, P4
 3.0.8402.0, P5 mpsigdwn.dll, P6 3.0.8402.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
 P8 NIL, P9 NIL, P10 NIL.
 
[ System Events ]
Error - 12.02.2012 15:31:15 | Computer Name = BIANKA-BAC298C4 | Source = SideBySide | ID = 16842784
Description = Abhängige Assemblierung "Microsoft.VC80.MFC" konnte nicht gefunden
 werden. "Last Error": Die referenzierte Assemblierung ist nicht auf dem Computer
 installiert.  
 
Error - 12.02.2012 15:31:15 | Computer Name = BIANKA-BAC298C4 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly ist für Microsoft.VC80.MFC fehlgeschlagen.
Referenzfehlermeldung:
 Die referenzierte Assemblierung ist nicht auf dem Computer installiert.  .
 
Error - 12.02.2012 15:31:15 | Computer Name = BIANKA-BAC298C4 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context ist für C:\Programme\ATI\CIM\Bin\SetACL.exe.Manifest
 fehlgeschlagen.  Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet.  .
 
Error - 12.02.2012 18:43:19 | Computer Name = BIANKA-BAC298C4 | Source = PlugPlayManager | ID = 12
Description = Das Gerät "HL-DT-ST DVDRAM GSA-T20N" (IDE\CdRomHL-DT-ST_DVDRAM_GSA-T20N________________WT03____\324b374152373343343520342020202020202020)
 wurde ohne vorbereitende Maßnahmen vom System entfernt.
 
Error - 12.02.2012 19:25:42 | Computer Name = BIANKA-BAC298C4 | Source = ipnathlp | ID = 32003
Description = Der Übersetzer für Netzwerkadressen (NAT) konnte  keine Anfrage des
 Übersetzungsmoduls des Kernelmodus stellen.  Möglicherweise liegen eine falsche Konfiguration,
 unzureichende Ressourcen oder  ein interner Fehler vor.  Die Daten enthalten den Fehlercode.
 
Error - 12.02.2012 19:37:25 | Computer Name = BIANKA-BAC298C4 | Source = SideBySide | ID = 16842784
Description = Abhängige Assemblierung "Microsoft.VC80.MFC" konnte nicht gefunden
 werden. "Last Error": Die referenzierte Assemblierung ist nicht auf dem Computer
 installiert.  
 
Error - 12.02.2012 19:37:25 | Computer Name = BIANKA-BAC298C4 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly ist für Microsoft.VC80.MFC fehlgeschlagen.
Referenzfehlermeldung:
 Die referenzierte Assemblierung ist nicht auf dem Computer installiert.  .
 
Error - 12.02.2012 19:37:25 | Computer Name = BIANKA-BAC298C4 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context ist für C:\Programme\ATI\CIM\Bin\SetACL.exe.Manifest
 fehlgeschlagen.  Referenzfehlermeldung: Der Vorgang wurde erfolgreich beendet.  .
 
Error - 13.02.2012 05:30:01 | Computer Name = BIANKA-BAC298C4 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Ati HotKey Poller" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%2
 
Error - 13.02.2012 07:02:29 | Computer Name = BIANKA-BAC298C4 | Source = PlugPlayManager | ID = 12
Description = Das Gerät "HL-DT-ST DVDRAM GSA-T20N" (IDE\CdRomHL-DT-ST_DVDRAM_GSA-T20N________________WT03____\324b374152373343343520342020202020202020)
 wurde ohne vorbereitende Maßnahmen vom System entfernt.
 
 
< End of report >
         

Alt 20.02.2012, 09:03   #7
Bubbel
 
Trojan:Win32/Ransom.EJ auf meinem Notebook - Standard

Trojan:Win32/Ransom.EJ auf meinem Notebook



Hallo,

ich habe ja geschrieben, dass ich mein Notebook öfter einfach ausgeht, als ob man den stecker zieht. Liegt das am Trojaner? Wenn das irgendetwas an der hardware sein sollte, könnte man sich doch am besten gleich ein neues Notebook kaufen, oder? ich glaub ne reparatur lohnt sich bei dem nich mehr, der ist sowieso schon etwas altersschwach...

danke

Alt 20.02.2012, 21:07   #8
Bubbel
 
Trojan:Win32/Ransom.EJ auf meinem Notebook - Standard

Trojan:Win32/Ransom.EJ auf meinem Notebook



hey,
mittlerweile ist es soweit, dass ich den laptop nich mehr im normalen modus nutzen kann, weil sofort das fenster mit dem trojaner kommt..

hilfe ^^ ist er noch zu retten?

Alt 22.02.2012, 11:12   #9
Bubbel
 
Trojan:Win32/Ransom.EJ auf meinem Notebook - Standard

Trojan:Win32/Ransom.EJ auf meinem Notebook



*help* habt ihr mich vergessen? :'(

Antwort

Themen zu Trojan:Win32/Ransom.EJ auf meinem Notebook
administrator, anti-malware, autostart, blockiert, bluescreen, datei, dateien, dateisystem, exploit.drop.cfg, explorer, folge, geld, gelöscht, heuristiks/extra, heuristiks/shuriken, hängen, infizierte, infizierte datei, kein bluescreen, laptop, malwarebytes, microsoft, microsoft security, microsoft security essentials, ms0cfg32.exe, neustart, notebook, problem, security, service pack 3, temp, trojan, trojaner, windows



Ähnliche Themen: Trojan:Win32/Ransom.EJ auf meinem Notebook


  1. deeprybka: Trojan-Ransom.Win32.Foreign ist weg
    Lob, Kritik und Wünsche - 29.06.2014 (1)
  2. Trojan-Ransom.Win32.Blocker.cbsn & Trojan-Spy.Win.32.Zbot.nsur eingefangen -.-
    Plagegeister aller Art und deren Bekämpfung - 12.04.2014 (23)
  3. Trojan-Ransom.Win32.Crypren.prr
    Plagegeister aller Art und deren Bekämpfung - 28.03.2014 (5)
  4. Kaspersky findet Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject
    Log-Analyse und Auswertung - 01.02.2014 (17)
  5. Mahnungsmail mit ZIP Datei - Trojan-Ransom.Win32.Foreign.cjue
    Plagegeister aller Art und deren Bekämpfung - 02.06.2013 (30)
  6. Trojan-Ransom.Win32.Foreign.abjw
    Log-Analyse und Auswertung - 23.04.2013 (11)
  7. Win7 ransomware wgsdgsdgdsgsd.dll, Win32/Reveton!lnk (runctf.lnk), Trojan.Ransom.Win32.Foreign.AMN (A)
    Plagegeister aller Art und deren Bekämpfung - 30.12.2012 (9)
  8. Auf meinem PC: PUM.Disabled.SecurityCenter, Exploit.Drop.GS, Trojan.Delf, Trojan.Ransom.Gen
    Plagegeister aller Art und deren Bekämpfung - 02.10.2012 (29)
  9. Trojan-Ransom.Win32.Gimemo.rmo desktop gesperrt
    Log-Analyse und Auswertung - 24.07.2012 (37)
  10. TR/Ransom.294912 (Antivir) / Trojan-Ransom.Win32.Gimemo.vyp (Kaspersky)
    Log-Analyse und Auswertung - 20.07.2012 (18)
  11. Warnung vor Trojan-Ransom.Win32.Birele.oyq
    Diskussionsforum - 06.06.2012 (1)
  12. trojan-ransom.win32.gimemo
    Plagegeister aller Art und deren Bekämpfung - 26.05.2012 (1)
  13. Bundestrojaner Trojan-Ransom.win32.Foreign.oja usw.
    Log-Analyse und Auswertung - 14.05.2012 (17)
  14. Trojan-Ransom.Win32.Gumemo.roq
    Log-Analyse und Auswertung - 11.05.2012 (20)
  15. RannohDecryptor: Verschlüsselungs-Trojaner Trojan-Ransom.Win32.Rannoh
    Diskussionsforum - 07.05.2012 (3)
  16. Trojan:Win32/Ransom.EZ
    Log-Analyse und Auswertung - 29.04.2012 (1)
  17. Trojan:Win32/Ransom.EJ
    Plagegeister aller Art und deren Bekämpfung - 02.01.2012 (3)

Zum Thema Trojan:Win32/Ransom.EJ auf meinem Notebook - Hallo liebes Team, ich habe seit einigen Tagen mit dem Trojan:Win32/Ransom.EJ zu kämpfen. Ich kann den Laptop hochfahren, aber nach einiger Zeit kommt dann das schwarze Fenster mit dem Hinweis, - Trojan:Win32/Ransom.EJ auf meinem Notebook...
Archiv
Du betrachtest: Trojan:Win32/Ransom.EJ auf meinem Notebook auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.