Hallo,
seit einiger Zeit öffnet der IE selbstständig (obwohl er nicht mein Standartbrowser ist) und blockiert einige Zeit meinen Rechner. Die leere Seite setzt sich sehr penetrant in den Vordergrund so das man anfänglich nicht einmal erkennt das es sich um eine about:blank Seite handelt. (keine Symbolleiste, keine Scrollbar und die Taskleiste verschwindet im Hintergrund)
Auch das Ausschalten ist ausschlißlich über die Tastenkombi Alt+F4 möglich. Alles andere wird blockiert bis der IE ausgeschalten ist. Der IE setzt sich auch selbstständig als Standard fest. (hier sei auch erwähnt das ich niemals den IE benutze)
Auch wird seit einigen Tagen beim Hochfahren nicht immer alles Installiert (Mauspad, Tastatur, Grafiktablett oder einige Programme funktionieren fehlerhaft oder garnicht) erst nach mehrmaligen Neustart funktioniert alles wieder.
Ich habe im Internet einige Foren gefunden in welchen ähnliche Probleme beschrieben werden und das es möglicherweise ein Trojaner ist. Auch habe ich eine Seite gefunden wo man ein Programm downloaden kann um den Trojaner zu beseitigen. Leider scheint dieses Programm nur für Windows 95 bis XP vorgesehen und funktioniert nicht bei Vista.
Auch hier im Portal habe ich ähnliche Problembeschreibungen gefunden und mit HijackThis meinen Rechner überprüft .
Leider kann ich aus diesen Infos nichts herauslesen und möchte hier darum bitten das mir jemand dabei helfen kann und mir, falls es sich tatsächlich um einen Trojaner handeln sollte, bei der Beseitigung hilf.

Schon einmal Danke im Voraus, Junchen


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:57:34, on 17.12.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\avp.exe
C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Windows\SysWOW64\conime.exe
C:\PROGRA~2\Magentic\bin\MgApp.exe
C:\Program Files (x86)\IncrediMail\bin\ImApp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\PROGRA~2\MICROS~1\WksWP.exe
C:\PROGRA~2\MICROS~1\WkDStore.exe
C:\PROGRA~2\MICROS~1\wkgdcach.exe
C:\PROGRA~2\MICROS~1\WksWP.exe
C:\Users\J**n\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://g.uk.msn.com/USCON/8
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://mystart.magentic.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h:://g.uk.msn.com/USCON/8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\avp.exe"
O4 - HKLM\..\Run: [Babylon Client] "C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe" -AutoStart
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~2\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Win98sUpdateUtil.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\ie_banner_deny.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\SCIEPlgn.dll
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\adialhk.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Kaspersky Security Suite CBE 09 (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\avp.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TabletServiceWacom - Unknown owner - C:\Windows\system32\Wacom_Tablet.exe (file missing)
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11880 bytes

Hallo,

Hinweis: Du nutzt ein 64-Bit-Windows. Viele Tools, die wir hier als Hilfsmittel zum Bereinigen einsetzen, sind mit nem 64-Bit-Windows nicht kompatibel - das macht eine Bereinigung schwerer als sie ohnehin schon ist.

Bitte Malwarebytes und OTL ausführen:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

• Doppelklick auf die OTL.exe
• Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
• Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
• Unter Extra Registry, wähle bitte Use SafeList
• Klicke nun auf Run Scan links oben
• Wenn der Scan beendet wurde werden 2 Logfiles erstellt
• Poste die Logfiles hier in den Thread.

Danke erst einmal für deine Antwort.
Ich werde das jetzt gleich mal machen und das Ergebnis hier posten

Junchen

Ich habe in der Reihenfolge wie du geschrieben hast

Zitat:

Bitte Malwarebytes und OTL ausführen:

installiert und ausgeführt.

hier das Ergebniss

bei der Datenmänge bin ich aber schon erschrocken und habe gleich nocheinmal nachgeschaut ob ich auch alles so angeschalten habe wie du es beschrieben hast.
Selbst das Programm hier ist der Meinung das es zu viele Zeichen sind deshalb muss ich die Scanergebnisse etwas aufteilen ich hoffe das das so richtig ist.

skan 1; Teil 1

OTL logfile created on: 18.12.2009 12:50:21 - Run 1
OTL by OldTimer - Version 3.1.18.0 Folder = C:\Users\Junchen\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,99 Gb Total Physical Memory | 0,71 Gb Available Physical Memory | 35,79% Memory free
4,00 Gb Paging File | 2,39 Gb Available in Paging File | 59,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 217,71 Gb Total Space | 156,43 Gb Free Space | 71,85% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 4,82 Gb Free Space | 32,12% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHEFIN-PC
Current User Name: Junchen
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Junchen\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\IncrediMail\bin\ImApp.exe (IncrediMail, Ltd.)
PRC - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\avp.exe (Kaspersky Lab)
PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
PRC - C:\PROGRA~2\Magentic\bin\MgApp.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
PRC - C:\Programme\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.)
PRC - C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe (Adobe Systems Incorporated)


========== Modules (SafeList) ==========

MOD - C:\Users\Junchen\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\PROGRA~2\KASPER~1\KASPER~1\adialhk.dll (Kaspersky Lab)
MOD - C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Ati External Event Utility) -- C:\Windows\SysNative\Ati2evxx.exe (ATI Technologies Inc.)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (TabletServiceWacom) -- C:\Windows\SysNative\Wacom_Tablet.exe (Wacom Technology, Corp.)
SRV:64bit: - (wltrysvc) -- C:\Windows\SysNative\WLTRYSVC.EXE ()
SRV:64bit: - (lxbk_device) -- C:\Windows\SysNative\lxbkcoms.exe ( )
SRV - (TuneUp.Defrag) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\avp.exe (Kaspersky Lab)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (stllssvr) -- C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.)
SRV - (lxbk_device) -- C:\Windows\SysWow64\lxbkcoms.exe ( )
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2006.11.02 14:34:14 | 00,000,000 | ---D | M]
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (VSS) -- C:\Windows\SysWOW64\wbem\vss.mof ()
SRV - (AdobeActiveFileMonitor5.0) -- C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (KLIF) -- C:\Windows\SysNative\DRIVERS\klif.sys (Kaspersky Lab)
DRV:64bit: - (TKFsAv) -- C:\Windows\SysNative\TKFsAv2k64.sys (Copyright (C) INCA Internet. 2000-2009)
DRV:64bit: - (TKRgFt) -- C:\Windows\SysNative\TKRgFtXp64.sys (Copyright (C) INCA Internet. 2000-2009)
DRV:64bit: - (TKRgAc) -- C:\Windows\SysNative\TKRgAc2k64.sys (Copyright (C) INCA Internet. 2000-2009)
DRV:64bit: - (TKFsFt) -- C:\Windows\SysNative\TKFsFt2k64.sys (Copyright (C) INCA Internet. 2000-2009)
DRV:64bit: - (R300) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (TKFsAc) -- C:\Windows\SysNative\TKFsAc2k64.sys (Copyright (C) INCA Internet. 2000-2009)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\DRIVERS\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (OA001Vid) -- C:\Windows\SysNative\DRIVERS\OA001Vid.sys (Creative Technology Ltd.)
DRV:64bit: - (OA001Ufd) -- C:\Windows\SysNative\DRIVERS\OA001Ufd.sys (Creative Technology Ltd.)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\DRIVERS\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\BCM42RLY.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys (Broadcom Corporation)
DRV:64bit: - (wacmoumonitor) -- C:\Windows\SysNative\DRIVERS\wacmoumonitor.sys (Wacom Technology)
DRV:64bit: - (itecir) -- C:\Windows\SysNative\DRIVERS\itecir.sys (ITE Tech. Inc. )
DRV:64bit: - (kl1) -- C:\Windows\SysNative\DRIVERS\kl1.sys (Kaspersky Lab)
DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys (REDC)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\DRIVERS\rimspx64.sys (REDC)
DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\DRIVERS\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\DRIVERS\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\DRIVERS\klim6.sys (Kaspersky Lab)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (KLFLTDEV) -- C:\Windows\SysNative\DRIVERS\klfltdev.sys (Kaspersky Lab)
DRV:64bit: - (KLBG) -- C:\Windows\SysNative\DRIVERS\klbg.sys (Kaspersky Lab)
DRV:64bit: - (usbvideo) USB-Videogerät (WDM) -- C:\Windows\SysNative\Drivers\usbvideo.sys (Microsoft Corporation)
DRV:64bit: - (e1express) Intel(R) -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys (Intel Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\DRIVERS\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\DRIVERS\wacommousefilter.sys (Wacom Technology)
DRV:64bit: - (WacomVKHid) -- C:\Windows\SysNative\DRIVERS\WacomVKHid.sys (Wacom Technology)
DRV:64bit: - (aiptektp) -- C:\Windows\SysNative\DRIVERS\aiptektp.sys (WALTOP International Corp.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (itecir) -- C:\Windows\ITECIR [2009.09.03 17:38:20 | 00,000,000 | ---D | M]
DRV - (TKFsAv) -- C:\Windows\SysWOW64\TKFsAv.dll (INCA Internet Co., Ltd.)
DRV - (TKFsAc) -- C:\Windows\SysWOW64\TKFsAc.dll (INCA Internet Co., Ltd.)
DRV - (TKRgAc) -- C:\Windows\SysWOW64\TKRgAc.dll (INCA Internet Co., Ltd.)
DRV - (TKRgFt) -- C:\Windows\SysWOW64\TKRgFt.dll (INCA Internet Co., Ltd.)
DRV - (TKFsFt) -- C:\Windows\SysWOW64\TKFsFt.dll (INCA Internet Co., Ltd.)
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/8
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/8
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.magentic.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
FF - prefs.js..extensions.enabledItems: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}:2.4.0.4
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.8
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://mystart.incredimail.com/?loc=ff_address_bar&search="


FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009.12.18 12:18:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009.12.18 12:18:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\THBExt [2009.09.10 11:56:43 | 00,000,000 | ---D | M]

[2009.09.09 22:41:00 | 00,000,000 | ---D | M] -- C:\Users\Junchen\AppData\Roaming\mozilla\Extensions
[2009.12.18 12:28:45 | 00,000,000 | ---D | M] -- C:\Users\Junchen\AppData\Roaming\mozilla\Firefox\Profiles\v364r8sq.default\extensions
[2009.12.13 17:09:41 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Junchen\AppData\Roaming\mozilla\Firefox\Profiles\v364r8sq.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009.12.13 17:09:33 | 00,000,000 | ---D | M] (myBabylon English Toolbar) -- C:\Users\Junchen\AppData\Roaming\mozilla\Firefox\Profiles\v364r8sq.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
[2009.10.19 21:39:07 | 00,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Junchen\AppData\Roaming\mozilla\Firefox\Profiles\v364r8sq.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2009.12.15 22:49:19 | 00,000,944 | ---- | M] () -- C:\Users\Junchen\AppData\Roaming\Mozilla\FireFox\Profiles\v364r8sq.default\searchplugins\icqplugin.xml
[2009.11.23 18:18:47 | 00,002,139 | ---- | M] () -- C:\Users\Junchen\AppData\Roaming\Mozilla\FireFox\Profiles\v364r8sq.default\searchplugins\MyStart Search.xml
[2009.10.19 21:38:50 | 00,003,915 | ---- | M] () -- C:\Users\Junchen\AppData\Roaming\Mozilla\FireFox\Profiles\v364r8sq.default\searchplugins\sweetim.xml
[2009.11.23 15:34:45 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009.10.29 17:22:22 | 00,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009.09.23 13:53:48 | 00,002,151 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2009.10.29 17:22:22 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2009.10.29 17:22:22 | 00,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2009.10.29 17:22:22 | 00,000,986 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2009.10.29 17:22:22 | 00,000,801 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\x64\ievkbd.dll (Kaspersky Lab)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [Magentic] C:\Programme (x86)\Magentic\bin\Magentic.exe File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Junchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files (x86)\Dell\DellDock\DellDock.exe File not found
O4 - Startup: C:\Users\Junchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Junchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Win98sUpdateUtil.exe (NFLAVOR)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: Translate with &Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\ie_banner_deny.htm ()
O8 - Extra context menu item: Translate with &Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9:64bit: - Extra Button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\x64\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Statistik für den Schutz des Web-Datenverkehrs - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 09\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\adialhk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\adialhk.dll (Kaspersky Lab)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\adialhk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\adialhk.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.04.30 16:01:00 | 00,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{30895078-9d1b-11de-add7-002219ebb2cb}\Shell\AutoRun\command - "" = F:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009.12.18 12:46:22 | 00,000,000 | ---D | C] -- C:\Users\Junchen\AppData\Roaming\Malwarebytes
[2009.12.18 12:46:14 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009.12.18 12:46:13 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009.12.18 12:46:12 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009.12.18 12:46:12 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009.12.11 09:57:06 | 00,036,168 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2009.12.11 09:57:06 | 00,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2009.12.11 09:57:06 | 00,025,928 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2009.12.11 09:57:06 | 00,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2009.12.10 15:03:54 | 00,000,000 | ---D | C] -- C:\Programme\Windows Portable Devices
[2009.12.10 15:03:54 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
[2009.12.10 15:03:54 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2009.12.10 09:04:24 | 00,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2009.12.10 09:04:24 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2009.12.10 09:04:24 | 00,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2009.12.10 09:04:22 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2009.12.10 09:04:21 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2009.12.10 09:04:20 | 01,548,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2009.12.10 09:04:20 | 01,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2009.12.10 09:04:20 | 00,981,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2009.12.10 09:04:20 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecs.dll
[2009.12.10 09:04:20 | 00,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2009.12.10 09:04:20 | 00,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2009.12.10 09:04:20 | 00,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoMetadataHandler.dll
[2009.12.10 09:04:20 | 00,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
[2009.12.10 09:04:20 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2009.12.10 09:04:20 | 00,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
[2009.12.10 09:04:20 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiag.exe
[2009.12.10 09:04:20 | 00,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2009.12.10 09:04:20 | 00,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2009.12.10 09:04:20 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
[2009.12.10 09:04:20 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecsExt.dll
[2009.12.10 09:04:20 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2009.12.10 09:04:20 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2009.12.10 09:04:19 | 01,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
[2009.12.10 09:04:19 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2009.12.10 09:04:19 | 00,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
[2009.12.10 09:04:19 | 00,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2009.12.10 09:04:19 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2009.12.10 09:04:19 | 00,566,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2009.12.10 09:04:19 | 00,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2009.12.10 09:04:19 | 00,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10level9.dll
[2009.12.10 09:04:19 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxgi.dll
[2009.12.10 09:04:19 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2009.12.10 09:04:19 | 00,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiag.exe
[2009.12.10 09:04:19 | 00,326,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2009.12.10 09:04:19 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2009.12.10 09:04:19 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2009.12.10 09:04:19 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10core.dll
[2009.12.10 09:04:18 | 03,068,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
[2009.12.10 09:04:18 | 01,548,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2009.12.10 09:04:18 | 01,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
[2009.12.10 09:04:18 | 01,269,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2009.12.10 09:04:18 | 01,142,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll
[2009.12.10 09:04:18 | 01,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2009.12.10 09:04:18 | 01,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10.dll
[2009.12.10 09:04:18 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2009.12.10 09:04:18 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2009.12.10 09:04:18 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2009.12.10 09:03:11 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShextAutoplay.exe
[2009.12.10 09:03:10 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BthMtpContextHandler.dll
[2009.12.10 09:03:10 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDShextAutoplay.exe
[2009.12.10 09:03:03 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceConnectApi.dll
[2009.12.10 09:03:02 | 02,727,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
[2009.12.10 09:03:02 | 02,537,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdshext.dll
[2009.12.10 09:03:02 | 00,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2009.12.10 09:03:02 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceApi.dll
[2009.12.10 09:03:02 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceTypes.dll
[2009.12.10 09:03:02 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
[2009.12.10 09:03:02 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceClassExtension.dll
[2009.12.10 09:03:02 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceConnectApi.dll
[2009.12.10 09:03:01 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2009.12.10 09:03:01 | 00,433,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
[2009.12.10 09:03:01 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
[2009.12.10 09:03:01 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceWMDRM.dll
[2009.12.10 09:03:01 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceTypes.dll
[2009.12.10 09:03:01 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceWMDRM.dll
[2009.12.10 09:03:01 | 00,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceClassExtension.dll
[2009.12.10 09:01:07 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaccrc.dll
[2009.12.10 09:01:07 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaccrc.dll
[2009.12.10 09:01:06 | 00,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2009.12.10 09:01:06 | 00,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2009.12.10 09:01:06 | 00,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2009.12.10 08:53:47 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2009.12.10 08:53:47 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2009.12.10 08:53:45 | 03,815,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2009.12.10 08:53:45 | 03,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2009.12.10 08:53:45 | 01,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2009.12.10 08:53:45 | 01,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2009.12.10 08:51:42 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshhttp.dll
[2009.12.10 08:51:42 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshhttp.dll
[2009.12.10 08:51:32 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpapi.dll
[2009.12.10 08:51:30 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll
[2009.12.09 18:30:51 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2009.12.09 18:30:50 | 00,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009.12.09 18:30:45 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009.12.09 18:30:43 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieencode.dll
[2009.12.09 18:30:43 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2009.12.09 18:30:39 | 00,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2009.12.09 18:30:39 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2009.12.09 18:21:31 | 00,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2009.12.09 18:21:31 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2009.12.08 07:59:44 | 00,000,000 | ---D | C] -- C:\Windows\Minidump
[2009.12.08 06:46:07 | 00,000,000 | ---D | C] -- C:\WTablet
[2009.12.07 21:06:46 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2009.12.07 21:06:46 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2009.12.07 21:06:46 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2009.12.07 21:06:45 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2009.12.07 21:06:45 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2009.12.07 21:06:45 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2009.12.07 19:51:12 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2009.12.03 22:19:23 | 02,080,768 | ---- | C] (Dell, Inc. ) -- C:\Users\Junchen\AppData\Roaming\DataSafeDotNet.exe
[2009.12.03 14:04:38 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0007.dll
[2009.12.03 14:04:37 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0007.dll
[2009.12.03 14:04:32 | 02,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FunctionDiscoveryFolder.dll
[2009.12.03 14:04:32 | 00,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCExt.dll
[2009.12.03 14:04:31 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FunctionDiscoveryFolder.dll
[2009.12.03 14:04:30 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0009.dll
[2009.12.03 14:04:29 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0009.dll
[2009.12.03 14:04:26 | 02,280,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2009.12.03 14:04:26 | 01,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCExt.dll
[2009.12.03 14:04:26 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msstrc.dll
[2009.12.03 14:04:26 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2009.12.03 14:04:26 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmlfilter.dll
[2009.12.03 14:04:26 | 00,019,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2009.12.03 14:04:26 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll
[2009.12.03 14:04:23 | 01,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2009.12.03 14:04:20 | 01,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz2.dll
[2009.12.03 14:04:20 | 00,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz2.dll
[2009.12.03 14:04:20 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WscEapPr.dll
[2009.12.03 14:04:20 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WscEapPr.dll
[2009.12.03 14:04:19 | 02,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2009.12.03 14:04:19 | 01,381,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2009.12.03 14:04:19 | 01,165,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2009.12.03 14:04:19 | 01,146,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
[2009.12.03 14:04:19 | 00,046,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardcpl.cpl
[2009.12.03 14:04:18 | 00,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2009.12.03 14:04:18 | 00,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2009.12.03 14:04:16 | 01,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2009.12.03 14:04:15 | 03,108,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2009.12.03 14:04:13 | 00,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2009.12.03 14:04:11 | 01,582,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2009.12.03 14:04:10 | 00,946,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavenge.dll
[2009.12.03 14:04:10 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2009.12.03 14:04:10 | 00,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2009.12.03 14:04:09 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys
[2009.12.03 14:04:09 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2009.12.03 14:04:09 | 00,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2009.12.03 14:04:08 | 02,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msi.dll
[2009.12.03 14:04:07 | 00,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
[2009.12.03 14:04:06 | 00,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2009.12.03 14:04:05 | 03,263,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
[2009.12.03 14:04:04 | 00,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2009.12.03 14:04:04 | 00,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardcpl.cpl
[2009.12.03 14:04:03 | 01,217,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2009.12.03 14:04:02 | 02,715,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe
[2009.12.03 14:04:02 | 01,418,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2009.12.03 14:04:02 | 01,185,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2009.12.03 14:04:02 | 00,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
[2009.12.03 14:04:02 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe
[2009.12.03 14:04:01 | 02,506,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2009.12.03 14:04:00 | 01,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2009.12.03 14:04:00 | 00,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
[2009.12.03 14:04:00 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizui.dll
[2009.12.03 14:03:57 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spreview.exe
[2009.12.03 14:03:56 | 01,915,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2009.12.03 14:03:56 | 00,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2009.12.03 14:03:56 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spinstall.exe
[2009.12.03 14:03:55 | 00,499,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdohlp.dll
[2009.12.03 14:03:54 | 00,796,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2009.12.03 14:03:54 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2009.12.03 14:03:53 | 00,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2VDEC.DLL
[2009.12.03 14:03:53 | 00,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2009.12.03 14:03:53 | 00,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2009.12.03 14:03:53 | 00,223,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2009.12.03 14:03:53 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorPwdMgr.dll
[2009.12.03 14:03:53 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorPwdMgr.dll
[2009.12.03 14:03:52 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2009.12.03 14:03:52 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2009.12.03 14:03:51 | 00,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2009.12.03 14:03:51 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2009.12.03 14:03:49 | 02,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
[2009.12.03 14:03:49 | 00,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2VDEC.DLL
[2009.12.03 14:03:49 | 00,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2009.12.03 14:03:49 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2009.12.03 14:03:49 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\korwbrkr.dll
[2009.12.03 14:03:48 | 00,922,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2009.12.03 14:03:48 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2009.12.03 14:03:47 | 00,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uDWM.dll
[2009.12.03 14:03:46 | 03,894,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2009.12.03 14:03:46 | 01,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2009.12.03 14:03:46 | 00,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairing.dll
[2009.12.03 14:03:46 | 00,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairing.dll
[2009.12.03 14:03:46 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdohlp.dll
[2009.12.03 14:03:45 | 00,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2009.12.03 14:03:45 | 00,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshsq.dll
[2009.12.03 14:03:44 | 00,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sperror.dll
[2009.12.03 14:03:44 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\korwbrkr.dll
[2009.12.03 14:03:43 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2009.12.03 14:03:43 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sperror.dll
[2009.12.03 14:03:42 | 01,673,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeCPL.dll
[2009.12.03 14:03:42 | 01,019,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
[2009.12.03 14:03:42 | 00,401,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\P2PGraph.dll
[2009.12.03 14:03:42 | 00,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2009.12.03 14:03:41 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2009.12.03 14:03:41 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshsq.dll
[2009.12.03 14:03:41 | 00,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLC.dll
[2009.12.03 14:03:40 | 01,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet40.dll
[2009.12.03 14:03:40 | 01,259,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2009.12.03 14:03:40 | 00,581,632 | ---- | C] (Microsoft) -- C:\Windows\SysNative\IasMigPlugin.dll
[2009.12.03 14:03:40 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
[2009.12.03 14:03:40 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorAPI.dll
[2009.12.03 14:03:39 | 01,925,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2009.12.03 14:03:39 | 00,164,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Storport.sys
[2009.12.03 14:03:39 | 00,049,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2009.12.03 14:03:37 | 01,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Query.dll
[2009.12.03 14:03:37 | 00,558,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2009.12.03 14:03:37 | 00,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2009.12.03 14:03:37 | 00,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2009.12.03 14:03:37 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\compcln.exe
[2009.12.03 14:03:36 | 01,078,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2009.12.03 14:03:36 | 00,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
[2009.12.03 14:03:36 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
[2009.12.03 14:03:36 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorShell.dll
[2009.12.03 14:03:36 | 00,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorShell.dll
[2009.12.03 14:03:36 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBth.dll
[2009.12.03 14:03:35 | 01,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
[2009.12.03 14:03:35 | 01,065,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2009.12.03 14:03:35 | 01,064,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2009.12.03 14:03:35 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexch40.dll
[2009.12.03 14:03:35 | 00,171,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2009.12.03 14:03:34 | 01,584,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
[2009.12.03 14:03:34 | 00,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IasMigReader.exe
[2009.12.03 14:03:34 | 00,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\P2PGraph.dll
[2009.12.03 14:03:33 | 03,079,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2009.12.03 14:03:32 | 00,967,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
[2009.12.03 14:03:32 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
[2009.12.03 14:03:31 | 01,658,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2009.12.03 14:03:31 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2009.12.03 14:03:31 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2009.12.03 14:03:30 | 01,357,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2009.12.03 14:03:30 | 00,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spoolss.dll
[2009.12.03 14:03:30 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingWizard.exe
[2009.12.03 14:03:30 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingWizard.exe
[2009.12.03 14:03:29 | 01,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe
[2009.12.03 14:03:29 | 01,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2009.12.03 14:03:29 | 00,454,144 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\IasMigPlugin.dll
[2009.12.03 14:03:28 | 01,930,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2009.12.03 14:03:28 | 00,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Magnify.exe
[2009.12.03 14:03:28 | 00,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched20.dll
[2009.12.03 14:03:27 | 01,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2009.12.03 14:03:27 | 00,123,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2009.12.03 14:03:27 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBth.dll
[2009.12.03 14:03:26 | 00,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2009.12.03 14:03:26 | 00,347,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2009.12.03 14:03:26 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bcrypt.dll
[2009.12.03 14:03:25 | 02,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\milcore.dll
[2009.12.03 14:03:25 | 01,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2009.12.03 14:03:25 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spoolss.dll
[2009.12.03 14:03:24 | 00,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Magnify.exe
[2009.12.03 14:03:24 | 00,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NaturalLanguage6.dll
[2009.12.03 14:03:24 | 00,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapimig.exe
[2009.12.03 14:03:24 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasrecst.dll
[2009.12.03 14:03:23 | 02,484,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
[2009.12.03 14:03:22 | 02,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apds.dll
[2009.12.03 14:03:22 | 00,602,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2009.12.03 14:03:22 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
[2009.12.03 14:03:21 | 01,040,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2009.12.03 14:03:21 | 01,013,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpedit.dll
[2009.12.03 14:03:21 | 00,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comuid.dll
[2009.12.03 14:03:21 | 00,460,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2009.12.03 14:03:21 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjtes40.dll
[2009.12.03 14:03:20 | 00,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpedit.dll
[2009.12.03 14:03:20 | 00,647,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2009.12.03 14:03:20 | 00,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp60.dll
[2009.12.03 14:03:20 | 00,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2009.12.03 14:03:20 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwmi.dll
[2009.12.03 14:03:20 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Storprop.dll
[2009.12.03 14:03:19 | 01,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
[2009.12.03 14:03:19 | 00,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2009.12.03 14:03:19 | 00,820,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2009.12.03 14:03:19 | 00,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2009.12.03 14:03:19 | 00,620,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
[2009.12.03 14:03:19 | 00,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
[2009.12.03 14:03:18 | 00,455,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[2009.12.03 14:03:18 | 00,394,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtapi.dll
[2009.12.03 14:03:18 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstext40.dll
[2009.12.03 14:03:18 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlhtml.dll
[2009.12.03 14:03:17 | 00,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2009.12.03 14:03:17 | 00,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationSettings.exe
[2009.12.03 14:03:17 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLC.dll
[2009.12.03 14:03:17 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
[2009.12.03 14:03:16 | 01,570,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2009.12.03 14:03:16 | 00,447,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2009.12.03 14:03:16 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexcl40.dll
[2009.12.03 14:03:16 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2009.12.03 14:03:16 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayDriverLib.dll
[2009.12.03 14:03:15 | 01,681,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz.dll
[2009.12.03 14:03:15 | 01,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2009.12.03 14:03:15 | 00,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2009.12.03 14:03:15 | 00,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxbde40.dll
[2009.12.03 14:03:15 | 00,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnNetsh.dll
[2009.12.03 14:03:15 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwmi.dll
[2009.12.03 14:03:14 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devmgr.dll
[2009.12.03 14:03:13 | 00,461,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2009.12.03 14:03:13 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingProxy.dll
[2009.12.03 14:03:13 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingProxy.dll
[2009.12.03 14:03:12 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2009.12.03 14:03:11 | 01,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NetProjW.dll
[2009.12.03 14:03:11 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfp.dll
[2009.12.03 14:03:11 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBthProxy.dll
[2009.12.03 14:03:10 | 01,499,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2009.12.03 14:03:10 | 01,195,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2009.12.03 14:03:10 | 00,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2009.12.03 14:03:10 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2009.12.03 14:03:09 | 00,660,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2009.12.03 14:03:09 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl40.dll
[2009.12.03 14:03:09 | 00,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp60.dll
[2009.12.03 14:03:09 | 00,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2009.12.03 14:03:08 | 00,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2009.12.03 14:03:08 | 00,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.dll
[2009.12.03 14:03:08 | 00,354,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2009.12.03 14:03:08 | 00,289,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
[2009.12.03 14:03:08 | 00,164,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2009.12.03 14:03:07 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2009.12.03 14:03:07 | 00,631,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCommDlg.dll
[2009.12.03 14:03:07 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasrecst.dll
[2009.12.03 14:03:07 | 00,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2009.12.03 14:03:06 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
[2009.12.03 14:03:05 | 02,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2009.12.03 14:03:05 | 01,748,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll

scan1 ; Teil2


[2009.12.03 14:03:05 | 00,727,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtcprx.dll
[2009.12.03 14:03:05 | 00,398,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2009.12.03 14:03:04 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mspbde40.dll
[2009.12.03 14:03:03 | 01,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d9.dll
[2009.12.03 14:03:03 | 00,840,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
[2009.12.03 14:03:02 | 01,245,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
[2009.12.03 14:03:02 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2009.12.03 14:03:02 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLUI.exe
[2009.12.03 14:03:02 | 00,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msltus40.dll
[2009.12.03 14:03:02 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2009.12.03 14:03:01 | 00,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2009.12.03 14:03:00 | 01,543,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2009.12.03 14:03:00 | 01,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2009.12.03 14:03:00 | 00,671,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2009.12.03 14:03:00 | 00,380,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2009.12.03 14:03:00 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd3x40.dll
[2009.12.03 14:02:59 | 00,935,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsecsnp.dll
[2009.12.03 14:02:59 | 00,581,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
[2009.12.03 14:02:59 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iassdo.dll
[2009.12.03 14:02:59 | 00,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtapi.dll
[2009.12.03 14:02:58 | 01,394,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wercon.exe
[2009.12.03 14:02:58 | 00,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2009.12.03 14:02:58 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
[2009.12.03 14:02:58 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlhtml.dll
[2009.12.03 14:02:57 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2009.12.03 14:02:56 | 02,272,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2009.12.03 14:02:55 | 01,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2009.12.03 14:02:55 | 00,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2009.12.03 14:02:55 | 00,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCommDlg.dll
[2009.12.03 14:02:55 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2009.12.03 14:02:55 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2009.12.03 14:02:54 | 00,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
[2009.12.03 14:02:54 | 00,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WcnNetsh.dll
[2009.12.03 14:02:53 | 03,174,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
[2009.12.03 14:02:53 | 01,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apds.dll
[2009.12.03 14:02:53 | 00,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswstr10.dll
[2009.12.03 14:02:53 | 00,462,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2009.12.03 14:02:53 | 00,264,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2009.12.03 14:02:53 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propdefs.dll
[2009.12.03 14:02:52 | 00,717,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2009.12.03 14:02:52 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xmlfilter.dll
[2009.12.03 14:02:50 | 01,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2009.12.03 14:02:50 | 01,114,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
[2009.12.03 14:02:50 | 00,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
[2009.12.03 14:02:49 | 00,992,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2009.12.03 14:02:49 | 00,894,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll
[2009.12.03 14:02:49 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.dll
[2009.12.03 14:02:49 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2009.12.03 14:02:49 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
[2009.12.03 14:02:49 | 00,166,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2009.12.03 14:02:48 | 00,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll
[2009.12.03 14:02:48 | 00,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd2x40.dll
[2009.12.03 14:02:48 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MMDevAPI.dll
[2009.12.03 14:02:47 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2009.12.03 14:02:47 | 00,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtutil.exe
[2009.12.03 14:02:46 | 01,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll
[2009.12.03 14:02:46 | 00,621,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2009.12.03 14:02:46 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\propdefs.dll
[2009.12.03 14:02:45 | 00,981,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2009.12.03 14:02:43 | 02,570,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\milcore.dll
[2009.12.03 14:02:43 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscb.dll
[2009.12.03 14:02:42 | 01,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
[2009.12.03 14:02:42 | 00,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2009.12.03 14:02:42 | 00,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasnap.dll
[2009.12.03 14:02:42 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtutil.exe
[2009.12.03 14:02:41 | 02,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
[2009.12.03 14:02:41 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssitlb.dll
[2009.12.03 14:02:41 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2009.12.03 14:02:40 | 01,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2009.12.03 14:02:38 | 01,090,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2009.12.03 14:02:38 | 00,477,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2009.12.03 14:02:38 | 00,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iassam.dll
[2009.12.03 14:02:38 | 00,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2009.12.03 14:02:38 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthserv.dll
[2009.12.03 14:02:38 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtffilt.dll
[2009.12.03 14:02:37 | 00,923,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2009.12.03 14:02:37 | 00,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2009.12.03 14:02:37 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devmgr.dll
[2009.12.03 14:02:37 | 00,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldpc.dll
[2009.12.03 14:02:37 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfp.dll
[2009.12.03 14:02:37 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscb.dll
[2009.12.03 14:02:37 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBthProxy.dll
[2009.12.03 14:02:35 | 01,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz.dll
[2009.12.03 14:02:35 | 00,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2009.12.03 14:02:34 | 01,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2009.12.03 14:02:34 | 00,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2009.12.03 14:02:34 | 00,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2009.12.03 14:02:34 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2009.12.03 14:02:34 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reg.exe
[2009.12.03 14:02:33 | 00,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2009.12.03 14:02:33 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi.dll
[2009.12.03 14:02:33 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quick.ime
[2009.12.03 14:02:33 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\phon.ime
[2009.12.03 14:02:33 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cintlgnt.ime
[2009.12.03 14:02:33 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chajei.ime
[2009.12.03 14:02:33 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
[2009.12.03 14:02:32 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2009.12.03 14:02:32 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2009.12.03 14:02:32 | 00,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comdlg32.dll
[2009.12.03 14:02:32 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2009.12.03 14:02:32 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qintlgnt.ime
[2009.12.03 14:02:32 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2009.12.03 14:02:32 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
[2009.12.03 14:02:31 | 01,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\brcpl.dll
[2009.12.03 14:02:31 | 01,234,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2009.12.03 14:02:31 | 00,748,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2009.12.03 14:02:31 | 00,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2009.12.03 14:02:30 | 00,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswdat10.dll
[2009.12.03 14:02:30 | 00,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcprx.dll
[2009.12.03 14:02:30 | 00,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
[2009.12.03 14:02:30 | 00,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdrm.dll
[2009.12.03 14:02:30 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjter40.dll
[2009.12.03 14:02:29 | 00,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnrollUI.dll
[2009.12.03 14:02:29 | 00,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2009.12.03 14:02:28 | 00,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2009.12.03 14:02:28 | 00,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2009.12.03 14:02:28 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\offfilt.dll
[2009.12.03 14:02:28 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnsapi.dll
[2009.12.03 14:02:28 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\reg.exe
[2009.12.03 14:02:28 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtffilt.dll
[2009.12.03 14:02:27 | 00,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2009.12.03 14:02:27 | 00,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
[2009.12.03 14:02:27 | 00,123,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2009.12.03 14:02:26 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RelMon.dll
[2009.12.03 14:02:26 | 00,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2009.12.03 14:02:26 | 00,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
[2009.12.03 14:02:26 | 00,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrobj.dll
[2009.12.03 14:02:26 | 00,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fundisc.dll
[2009.12.03 14:02:26 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2009.12.03 14:02:26 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2009.12.03 14:02:25 | 00,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2009.12.03 14:02:25 | 00,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rsaenh.dll
[2009.12.03 14:02:25 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MMDevAPI.dll
[2009.12.03 14:02:25 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
[2009.12.03 14:02:24 | 00,488,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
[2009.12.03 14:02:24 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2009.12.03 14:02:24 | 00,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsldpc.dll
[2009.12.03 14:02:24 | 00,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpsetup.dll
[2009.12.03 14:02:24 | 00,093,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2009.12.03 14:02:24 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstrc.dll
[2009.12.03 14:02:23 | 00,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
[2009.12.03 14:02:23 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
[2009.12.03 14:02:23 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2009.12.03 14:02:23 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdiag.dll
[2009.12.03 14:02:22 | 01,321,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
[2009.12.03 14:02:22 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe
[2009.12.03 14:02:22 | 00,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasrad.dll
[2009.12.03 14:02:22 | 00,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fundisc.dll
[2009.12.03 14:02:22 | 00,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcsvc6.dll
[2009.12.03 14:02:22 | 00,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2009.12.03 14:02:21 | 00,108,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2009.12.03 14:02:21 | 00,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2009.12.03 14:02:21 | 00,034,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2009.12.03 14:02:20 | 00,785,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Utilman.exe
[2009.12.03 14:02:20 | 00,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
[2009.12.03 14:02:20 | 00,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
[2009.12.03 14:02:20 | 00,212,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2009.12.03 14:02:20 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2009.12.03 14:02:20 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasdatastore.dll
[2009.12.03 14:02:19 | 01,035,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2009.12.03 14:02:19 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi.dll
[2009.12.03 14:02:17 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chsbrkr.dll
[2009.12.03 14:02:17 | 01,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2009.12.03 14:02:17 | 00,980,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
[2009.12.03 14:02:16 | 00,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2009.12.03 14:02:16 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
[2009.12.03 14:02:15 | 02,024,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
[2009.12.03 14:02:15 | 01,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
[2009.12.03 14:02:15 | 01,691,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\connect.dll
[2009.12.03 14:02:15 | 00,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2009.12.03 14:02:15 | 00,260,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFault.exe
[2009.12.03 14:02:15 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iassdo.dll
[2009.12.03 14:02:15 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasads.dll
[2009.12.03 14:02:15 | 00,039,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2009.12.03 14:02:14 | 00,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
[2009.12.03 14:02:14 | 00,302,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
[2009.12.03 14:02:14 | 00,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2009.12.03 14:02:14 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2009.12.03 14:02:14 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvinst.exe
[2009.12.03 14:02:14 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spcmsg.dll
[2009.12.03 14:02:14 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spcmsg.dll
[2009.12.03 14:02:13 | 02,420,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll
[2009.12.03 14:02:13 | 01,093,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pidgenx.dll
[2009.12.03 14:02:13 | 00,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnntfy.dll
[2009.12.03 14:02:13 | 00,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsound.dll
[2009.12.03 14:02:13 | 00,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
[2009.12.03 14:02:13 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
[2009.12.03 14:02:12 | 00,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2009.12.03 14:02:12 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
[2009.12.03 14:02:11 | 01,060,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl
[2009.12.03 14:02:11 | 00,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll
[2009.12.03 14:02:11 | 00,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnrollUI.dll
[2009.12.03 14:02:11 | 00,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsdyn.dll
[2009.12.03 14:02:11 | 00,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2009.12.03 14:02:10 | 01,122,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
[2009.12.03 14:02:10 | 01,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pidgenx.dll
[2009.12.03 14:02:10 | 00,911,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdlg.dll
[2009.12.03 14:02:10 | 00,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\InkEd.dll
[2009.12.03 14:02:10 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2009.12.03 14:02:10 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2009.12.03 14:02:10 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2009.12.03 14:02:09 | 01,676,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chsbrkr.dll
[2009.12.03 14:02:09 | 00,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2009.12.03 14:02:09 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2009.12.03 14:02:09 | 00,073,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2009.12.03 14:02:08 | 02,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
[2009.12.03 14:02:08 | 01,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll
[2009.12.03 14:02:08 | 00,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comuid.dll
[2009.12.03 14:02:08 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll
[2009.12.03 14:02:07 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncrypt.dll
[2009.12.03 14:02:06 | 00,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
[2009.12.03 14:02:06 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iassam.dll
[2009.12.03 14:02:06 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iashlpr.dll
[2009.12.03 14:02:06 | 00,055,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PSHED.DLL
[2009.12.03 14:02:06 | 00,019,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2009.12.03 14:02:05 | 00,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2009.12.03 14:02:05 | 00,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
[2009.12.03 14:02:05 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2009.12.03 14:02:05 | 00,049,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys
[2009.12.03 14:02:05 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2009.12.03 14:02:04 | 00,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
[2009.12.03 14:02:04 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2009.12.03 14:02:04 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
[2009.12.03 14:02:04 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasapi32.dll
[2009.12.03 14:02:04 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssprxy.dll
[2009.12.03 14:02:03 | 01,740,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll
[2009.12.03 14:02:03 | 00,734,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
[2009.12.03 14:02:03 | 00,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
[2009.12.03 14:02:03 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2009.12.03 14:02:03 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
[2009.12.03 14:02:03 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntmarta.dll
[2009.12.03 14:02:03 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2009.12.03 14:02:03 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpr.dll
[2009.12.03 14:02:02 | 02,079,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2009.12.03 14:02:02 | 01,891,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVENCOD.DLL
[2009.12.03 14:02:02 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
[2009.12.03 14:02:02 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2009.12.03 14:02:02 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iassvcs.dll
[2009.12.03 14:02:01 | 00,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
[2009.12.03 14:02:01 | 00,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
[2009.12.03 14:02:01 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasnap.dll
[2009.12.03 14:02:00 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2009.12.03 14:02:00 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll
[2009.12.03 14:02:00 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2009.12.03 14:01:59 | 01,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2009.12.03 14:01:59 | 01,444,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll
[2009.12.03 14:01:59 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2009.12.03 14:01:59 | 00,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
[2009.12.03 14:01:59 | 00,029,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys
[2009.12.03 14:01:58 | 01,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
[2009.12.03 14:01:58 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2009.12.03 14:01:58 | 00,153,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
[2009.12.03 14:01:58 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\audiodg.exe
[2009.12.03 14:01:58 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasacct.dll
[2009.12.03 14:01:58 | 00,022,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2009.12.03 14:01:57 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2009.12.03 14:01:57 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powrprof.dll
[2009.12.03 14:01:57 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwm.exe
[2009.12.03 14:01:57 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
[2009.12.03 14:01:56 | 03,235,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
[2009.12.03 14:01:56 | 01,301,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
[2009.12.03 14:01:56 | 00,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspaint.exe
[2009.12.03 14:01:55 | 01,882,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2009.12.03 14:01:55 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2009.12.03 14:01:55 | 00,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RelMon.dll
[2009.12.03 14:01:55 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2009.12.03 14:01:55 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ks.sys
[2009.12.03 14:01:54 | 00,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2009.12.03 14:01:54 | 00,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2009.12.03 14:01:54 | 00,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2009.12.03 14:01:54 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
[2009.12.03 14:01:54 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSCard.dll
[2009.12.03 14:01:54 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsepno.dll
[2009.12.03 14:01:53 | 01,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2009.12.03 14:01:53 | 00,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
[2009.12.03 14:01:53 | 00,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Utilman.exe
[2009.12.03 14:01:53 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\offfilt.dll
[2009.12.03 14:01:53 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authz.dll
[2009.12.03 14:01:53 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstlsapi.dll
[2009.12.03 14:01:52 | 00,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
[2009.12.03 14:01:52 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFault.exe
[2009.12.03 14:01:52 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2009.12.03 14:01:52 | 00,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2009.12.03 14:01:52 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2009.12.03 14:01:51 | 00,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnntfy.dll
[2009.12.03 14:01:51 | 00,396,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AudioEng.dll
[2009.12.03 14:01:51 | 00,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscms.dll
[2009.12.03 14:01:51 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
[2009.12.03 14:01:51 | 00,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2009.12.03 14:01:51 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2009.12.03 14:01:51 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsmsext.dll
[2009.12.03 14:01:51 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
[2009.12.03 14:01:50 | 00,995,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2009.12.03 14:01:50 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2009.12.03 14:01:50 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSTheme.exe
[2009.12.03 14:01:49 | 00,971,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2009.12.03 14:01:49 | 00,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsound.dll
[2009.12.03 14:01:49 | 00,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2009.12.03 14:01:49 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2009.12.03 14:01:49 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ulib.dll
[2009.12.03 14:01:49 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasdatastore.dll
[2009.12.03 14:01:48 | 01,279,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2009.12.03 14:01:48 | 00,387,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2009.12.03 14:01:48 | 00,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscntfy.dll
[2009.12.03 14:01:48 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnpsetup.dll
[2009.12.03 14:01:48 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
[2009.12.03 14:01:48 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\console.dll
[2009.12.03 14:01:48 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IPHLPAPI.DLL
[2009.12.03 14:01:48 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
[2009.12.03 14:01:48 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdProxy.dll
[2009.12.03 14:01:47 | 01,110,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2009.12.03 14:01:47 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsecsnp.dll
[2009.12.03 14:01:47 | 00,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2009.12.03 14:01:47 | 00,234,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2009.12.03 14:01:47 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2009.12.03 14:01:47 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
[2009.12.03 14:01:47 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastapi.dll
[2009.12.03 14:01:47 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsbyuv.dll
[2009.12.03 14:01:46 | 00,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[2009.12.03 14:01:46 | 00,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
[2009.12.03 14:01:46 | 00,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2009.12.03 14:01:46 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpapi.dll
[2009.12.03 14:01:46 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iashlpr.dll
[2009.12.03 14:01:46 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfdisk.dll
[2009.12.03 14:01:45 | 00,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpcao.dll
[2009.12.03 14:01:45 | 00,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsdyn.dll
[2009.12.03 14:01:45 | 00,275,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\HdAudio.sys
[2009.12.03 14:01:44 | 01,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVENCOD.DLL
[2009.12.03 14:01:44 | 00,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
[2009.12.03 14:01:44 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasapi32.dll
[2009.12.03 14:01:44 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2009.12.03 14:01:44 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\newdev.exe
[2009.12.03 14:01:44 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
[2009.12.03 14:01:44 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceEject.exe
[2009.12.03 14:01:43 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaui.dll
[2009.12.03 14:01:43 | 00,437,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
[2009.12.03 14:01:43 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
[2009.12.03 14:01:43 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2009.12.03 14:01:43 | 00,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2009.12.03 14:01:43 | 00,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2009.12.03 14:01:43 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msisip.dll
[2009.12.03 14:01:42 | 01,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
[2009.12.03 14:01:42 | 00,810,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcc.dll
[2009.12.03 14:01:42 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasrad.dll
[2009.12.03 14:01:42 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2009.12.03 14:01:42 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll
[2009.12.03 14:01:42 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hdwwiz.exe
[2009.12.03 14:01:42 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshbth.dll
[2009.12.03 14:01:41 | 00,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\zipfldr.dll
[2009.12.03 14:01:41 | 00,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\modemui.dll
[2009.12.03 14:01:41 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshext.dll
[2009.12.03 14:01:41 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
[2009.12.03 14:01:40 | 02,680,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
[2009.12.03 14:01:40 | 02,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
[2009.12.03 14:01:40 | 00,731,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2009.12.03 14:01:40 | 00,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2009.12.03 14:01:40 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ulib.dll
[2009.12.03 14:01:40 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\feclient.dll
[2009.12.03 14:01:39 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2009.12.03 14:01:39 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2009.12.03 14:01:39 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshext.dll
[2009.12.03 14:01:38 | 06,100,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chtbrkr.dll
[2009.12.03 14:01:38 | 00,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2009.12.03 14:01:38 | 00,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdlg.dll
[2009.12.03 14:01:38 | 00,589,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
[2009.12.03 14:01:38 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imm32.dll
[2009.12.03 14:01:38 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iassvcs.dll
[2009.12.03 14:01:37 | 01,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2009.12.03 14:01:37 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnpui.dll
[2009.12.03 14:01:37 | 00,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
[2009.12.03 14:01:37 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
[2009.12.03 14:01:36 | 00,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
[2009.12.03 14:01:36 | 00,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpmon.dll
[2009.12.03 14:01:36 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2009.12.03 14:01:36 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssprxy.dll
[2009.12.03 14:01:35 | 00,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcc.dll
[2009.12.03 14:01:35 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2009.12.03 14:01:35 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
[2009.12.03 14:01:35 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
[2009.12.03 14:01:35 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstlsapi.dll
[2009.12.03 14:01:35 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasads.dll
[2009.12.03 14:01:35 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dataclen.dll
[2009.12.03 14:01:34 | 00,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2009.12.03 14:01:34 | 00,474,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2009.12.03 14:01:34 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
[2009.12.03 14:01:34 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powrprof.dll
[2009.12.03 14:01:34 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifmon.dll
[2009.12.03 14:01:33 | 03,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
[2009.12.03 14:01:33 | 00,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
[2009.12.03 14:01:33 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasplap.dll
[2009.12.03 14:01:33 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasacct.dll
[2009.12.03 14:01:33 | 00,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2009.12.03 14:01:33 | 00,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2009.12.03 14:01:32 | 01,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
[2009.12.03 14:01:32 | 00,619,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2009.12.03 14:01:32 | 00,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
[2009.12.03 14:01:32 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleprn.dll
[2009.12.03 14:01:32 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.exe
[2009.12.03 14:01:32 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fc.exe
[2009.12.03 14:01:31 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\connect.dll
[2009.12.03 14:01:31 | 01,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
[2009.12.03 14:01:31 | 00,622,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVXENCD.DLL
[2009.12.03 14:01:31 | 00,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2009.12.03 14:01:31 | 00,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thawbrkr.dll
[2009.12.03 14:01:31 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmmon32.exe
[2009.12.03 14:01:30 | 02,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
[2009.12.03 14:01:30 | 00,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2009.12.03 14:01:30 | 00,615,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
[2009.12.03 14:01:30 | 00,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pcaui.dll
[2009.12.03 14:01:30 | 00,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
[2009.12.03 14:01:30 | 00,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scksp.dll
[2009.12.03 14:01:30 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscisvif.dll
[2009.12.03 14:01:29 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmci.dll
[2009.12.03 14:01:29 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iaspolcy.dll
[2009.12.03 14:01:29 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwinsat.dll
[2009.12.03 14:01:28 | 01,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2009.12.03 14:01:28 | 00,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
[2009.12.03 14:01:28 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2009.12.03 14:01:27 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
[2009.12.03 14:01:27 | 00,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2009.12.03 14:01:27 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2009.12.03 14:01:27 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rekeywiz.exe
[2009.12.03 14:01:26 | 02,575,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
[2009.12.03 14:01:26 | 00,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpcao.dll
[2009.12.03 14:01:26 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2009.12.03 14:01:26 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2009.12.03 14:01:26 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsutil.dll
[2009.12.03 14:01:26 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2009.12.03 14:01:26 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pintlgnt.ime
[2009.12.03 14:01:26 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
[2009.12.03 14:01:26 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimtf.dll
[2009.12.03 14:01:25 | 00,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2009.12.03 14:01:25 | 00,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2009.12.03 14:01:25 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscandui.dll
[2009.12.03 14:01:25 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scksp.dll
[2009.12.03 14:01:25 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2009.12.03 14:01:25 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
[2009.12.03 14:01:25 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\feclient.dll
[2009.12.03 14:01:24 | 02,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll
[2009.12.03 14:01:24 | 00,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsprop.dll
[2009.12.03 14:01:23 | 01,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll
[2009.12.03 14:01:23 | 00,669,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiaaut.dll
[2009.12.03 14:01:23 | 00,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2009.12.03 14:01:23 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2009.12.03 14:01:22 | 00,779,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2009.12.03 14:01:22 | 00,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2009.12.03 14:01:22 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2009.12.03 14:01:22 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AudioSes.dll
[2009.12.03 14:01:22 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleprn.dll
[2009.12.03 14:01:22 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll
[2009.12.03 14:01:22 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rekeywiz.exe
[2009.12.03 14:01:22 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
[2009.12.03 14:01:21 | 01,102,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
[2009.12.03 14:01:21 | 00,320,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
[2009.12.03 14:01:21 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
[2009.12.03 14:01:21 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll
[2009.12.03 14:01:21 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iaspolcy.dll
[2009.12.03 14:01:21 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\whealogr.dll
[2009.12.03 14:01:21 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscisvif.dll
[2009.12.03 14:01:20 | 01,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscui.cpl
[2009.12.03 14:01:20 | 00,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2009.12.03 14:01:20 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll
[2009.12.03 14:01:20 | 00,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapimig.exe
[2009.12.03 14:01:20 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfdisk.dll
[2009.12.03 14:01:19 | 01,738,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscui.cpl
[2009.12.03 14:01:19 | 00,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasgcw.dll
[2009.12.03 14:01:19 | 00,557,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll
[2009.12.03 14:01:19 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2009.12.03 14:01:19 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certreq.exe
[2009.12.03 14:01:19 | 00,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\extmgr.dll
[2009.12.03 14:01:19 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll
[2009.12.03 14:01:19 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hdwwiz.exe
[2009.12.03 14:01:18 | 03,341,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll
[2009.12.03 14:01:18 | 00,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2009.12.03 14:01:18 | 00,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\extmgr.dll
[2009.12.03 14:01:18 | 00,032,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys
[2009.12.03 14:01:16 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasplap.dll
[2009.12.03 14:01:16 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2009.12.03 14:01:16 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2009.12.03 14:01:16 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSTheme.exe
[2009.12.03 14:01:16 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPutil.exe
[2009.12.03 14:01:16 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwinsat.dll
[2009.12.03 14:01:15 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll
[2009.12.03 14:01:15 | 00,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2009.12.03 14:01:15 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certreq.exe
[2009.12.03 14:01:15 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
[2009.12.03 14:01:15 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmon.dll
[2009.12.03 14:01:15 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
[2009.12.03 14:01:15 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conime.exe
[2009.12.03 14:01:15 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdWSD.dll
[2009.12.03 14:01:15 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmmon32.exe
[2009.12.03 14:01:14 | 00,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2009.12.03 14:01:14 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msutb.dll
[2009.12.03 14:01:14 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll
[2009.12.03 14:01:14 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
[2009.12.03 14:01:14 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe
[2009.12.03 14:01:14 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2009.12.03 14:01:14 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\whealogr.dll
[2009.12.03 14:01:13 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmdial32.dll
[2009.12.03 14:01:13 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2009.12.03 14:01:13 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys
[2009.12.03 14:01:12 | 02,438,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oobefldr.dll
[2009.12.03 14:01:12 | 00,616,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2009.12.03 14:01:12 | 00,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2009.12.03 14:01:11 | 00,521,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmdial32.dll
[2009.12.03 14:01:11 | 00,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2009.12.03 14:01:11 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
[2009.12.03 14:01:11 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\conime.exe
[2009.12.03 14:01:11 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsCtfMonitor.dll
[2009.12.03 14:01:10 | 00,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVXENCD.DLL
[2009.12.03 14:01:10 | 00,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiaaut.dll
[2009.12.03 14:01:10 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
[2009.12.03 14:01:10 | 00,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
[2009.12.03 14:01:10 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlgpclnt.dll
[2009.12.03 14:01:10 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWSD.dll
[2009.12.03 14:01:10 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cipher.exe
[2009.12.03 14:01:09 | 01,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2009.12.03 14:01:09 | 00,688,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2009.12.03 14:01:09 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
[2009.12.03 14:01:09 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2009.12.03 14:01:09 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
[2009.12.03 14:01:09 | 00,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsprop.dll
[2009.12.03 14:01:09 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\l2nacp.dll
[2009.12.03 14:01:09 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2009.12.03 14:01:08 | 02,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oobefldr.dll
[2009.12.03 14:01:08 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\softkbd.dll
[2009.12.03 14:01:08 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\btpanui.dll
[2009.12.03 14:01:08 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2009.12.03 14:01:08 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
[2009.12.03 14:01:07 | 06,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chtbrkr.dll
[2009.12.03 14:01:07 | 00,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\modemui.dll
[2009.12.03 14:01:07 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
[2009.12.03 14:01:07 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscandui.dll
[2009.12.03 14:01:07 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasmontr.dll
[2009.12.03 14:01:07 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasmontr.dll
[2009.12.03 14:01:05 | 00,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2009.12.03 14:01:05 | 00,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2009.12.03 14:01:05 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlgpclnt.dll
[2009.12.03 14:01:05 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dataclen.dll
[2009.12.03 14:01:05 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
[2009.12.03 14:01:05 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NcdProp.dll
[2009.12.03 14:01:04 | 01,129,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstime.dll
[2009.12.03 14:01:04 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2009.12.03 14:01:04 | 00,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
[2009.12.03 14:01:04 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
[2009.12.03 14:01:04 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\credui.dll
[2009.12.03 14:01:04 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSDMon.dll
[2009.12.03 14:01:04 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskmon.dll
[2009.12.03 14:01:04 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
[2009.12.03 14:01:03 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2009.12.03 14:01:03 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2009.12.03 14:01:03 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2009.12.03 14:01:03 | 00,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2009.12.03 14:01:03 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll
[2009.12.03 14:01:03 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adsmsext.dll
[2009.12.03 14:01:02 | 02,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkexplorer.dll
[2009.12.03 14:01:02 | 00,946,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2009.12.03 14:01:02 | 00,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2009.12.03 14:01:02 | 00,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\InkEd.dll
[2009.12.03 14:01:02 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2009.12.03 14:01:02 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpresult.exe
[2009.12.03 14:01:02 | 00,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfui.dll
[2009.12.03 14:01:02 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2009.12.03 14:01:02 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cipher.exe
[2009.12.03 14:01:02 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2009.12.03 14:01:02 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifmon.dll
[2009.12.03 14:01:02 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\version.dll
[2009.12.03 14:01:01 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll
[2009.12.03 14:01:01 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mdminst.dll
[2009.12.03 14:01:01 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
[2009.12.03 14:01:01 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimtf.dll
[2009.12.03 14:01:00 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\thawbrkr.dll
[2009.12.03 14:00:59 | 00,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll

scan1 ; Teil3


[2009.12.03 14:00:59 | 00,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSDMon.dll
[2009.12.03 14:00:59 | 00,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2009.12.03 14:00:59 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\softkbd.dll
[2009.12.03 14:00:59 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logagent.exe
[2009.12.03 14:00:59 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sendmail.dll
[2009.12.03 14:00:59 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasdial.exe
[2009.12.03 14:00:58 | 00,403,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
[2009.12.03 14:00:58 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
[2009.12.03 14:00:58 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmsynth.dll
[2009.12.03 14:00:58 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msctfui.dll
[2009.12.03 14:00:58 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rshx32.dll
[2009.12.03 14:00:57 | 00,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2009.12.03 14:00:57 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
[2009.12.03 14:00:56 | 00,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
[2009.12.03 14:00:56 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2009.12.03 14:00:56 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2009.12.03 14:00:56 | 00,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiapi.dll
[2009.12.03 14:00:56 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
[2009.12.03 14:00:56 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FwRemoteSvr.dll
[2009.12.03 14:00:56 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\deskadp.dll
[2009.12.03 14:00:55 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2009.12.03 14:00:54 | 00,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2009.12.03 14:00:54 | 00,116,736 | ---- | C] (Microsoft) -- C:\Windows\SysNative\SMBHelperClass.dll
[2009.12.03 14:00:54 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
[2009.12.03 14:00:54 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdSSDP.dll
[2009.12.03 14:00:54 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshbth.dll
[2009.12.03 14:00:54 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fc.exe
[2009.12.03 14:00:54 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msisip.dll
[2009.12.03 14:00:53 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2009.12.03 14:00:53 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthci.dll
[2009.12.03 14:00:52 | 00,291,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
[2009.12.03 14:00:52 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscntfy.dll
[2009.12.03 14:00:52 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdmaud.drv
[2009.12.03 14:00:52 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tintlgnt.ime
[2009.12.03 14:00:52 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dmusic.dll
[2009.12.03 14:00:52 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys
[2009.12.03 14:00:52 | 00,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpapi.dll
[2009.12.03 14:00:52 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdSSDP.dll
[2009.12.03 14:00:52 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
[2009.12.03 14:00:52 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsCtfMonitor.dll
[2009.12.03 14:00:51 | 02,247,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
[2009.12.03 14:00:51 | 00,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
[2009.12.03 14:00:51 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
[2009.12.03 14:00:51 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PNPXAssoc.dll
[2009.12.03 14:00:51 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2009.12.03 14:00:51 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\l2nacp.dll
[2009.12.03 14:00:51 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
[2009.12.03 14:00:51 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
[2009.12.03 14:00:51 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscapi.dll
[2009.12.03 14:00:51 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
[2009.12.03 14:00:51 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjint40.dll
[2009.12.03 14:00:51 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CHxReadingStringIME.dll
[2009.12.03 14:00:50 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
[2009.12.03 14:00:50 | 00,083,456 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\SMBHelperClass.dll
[2009.12.03 14:00:50 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Storprop.dll
[2009.12.03 14:00:50 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
[2009.12.03 14:00:49 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
[2009.12.03 14:00:49 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdiag.dll
[2009.12.03 14:00:49 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
[2009.12.03 14:00:49 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthudtask.exe
[2009.12.03 14:00:49 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasdial.exe
[2009.12.03 14:00:48 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappcfg.dll
[2009.12.03 14:00:48 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdWCN.dll
[2009.12.03 14:00:48 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdWCN.dll
[2009.12.03 14:00:48 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2009.12.03 14:00:48 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
[2009.12.03 14:00:48 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipconfig.exe
[2009.12.03 14:00:48 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CHxReadingStringIME.dll
[2009.12.03 14:00:47 | 00,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2009.12.03 14:00:47 | 00,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappcfg.dll
[2009.12.03 14:00:47 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLLUA.exe
[2009.12.03 14:00:47 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
[2009.12.03 14:00:47 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tscupgrd.exe
[2009.12.03 14:00:47 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkitemfactory.dll
[2009.12.03 14:00:47 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slcinst.dll
[2009.12.03 14:00:47 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkitemfactory.dll
[2009.12.03 14:00:46 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
[2009.12.03 14:00:46 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
[2009.12.03 14:00:46 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
[2009.12.03 14:00:46 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscupgrd.exe
[2009.12.03 14:00:46 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slcinst.dll
[2009.12.03 14:00:46 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe
[2009.12.03 14:00:46 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
[2009.12.03 14:00:46 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
[2009.12.03 14:00:45 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
[2009.12.03 14:00:45 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
[2009.12.03 14:00:45 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msacm32.drv
[2009.12.03 14:00:45 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcico.dll
[2009.12.03 14:00:44 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsigd.dll
[2009.12.03 14:00:43 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cbsra.exe
[2009.12.03 14:00:43 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2009.12.03 14:00:43 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpupdate.exe
[2009.12.03 14:00:42 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsilog.dll
[2009.12.03 14:00:41 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll
[2009.12.03 14:00:41 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
[2009.12.03 14:00:41 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthudtask.exe
[2009.12.03 14:00:41 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NcdProp.dll
[2009.12.03 14:00:41 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdmdbg.dll
[2009.12.03 14:00:41 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetppui.dll
[2009.12.03 14:00:40 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
[2009.12.03 14:00:40 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2009.12.03 14:00:40 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
[2009.12.03 14:00:40 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2009.12.03 14:00:40 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2009.12.03 14:00:39 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\midimap.dll
[2009.12.03 14:00:36 | 00,068,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys
[2009.12.03 14:00:36 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2009.12.03 14:00:36 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2009.12.03 14:00:35 | 00,485,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2009.12.03 14:00:35 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2009.12.03 14:00:34 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\f3ahvoas.dll
[2009.12.03 14:00:34 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\f3ahvoas.dll
[2009.12.03 14:00:34 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2009.12.03 14:00:34 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2009.12.03 14:00:02 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll
[2009.12.03 13:59:56 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2009.12.03 13:59:28 | 00,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
[2009.12.03 13:59:26 | 00,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdscore.dll
[2009.12.03 13:59:26 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe
[2009.12.03 13:59:21 | 00,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2009.12.02 01:25:51 | 00,000,000 | ---D | C] -- C:\Users\Junchen\Documents\OneNote-Notizbücher
[2009.11.26 19:51:05 | 00,000,000 | ---D | C] -- C:\Users\Junchen\Documents\Micha
[2009.11.25 11:31:12 | 00,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2009.11.25 11:31:12 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2009.11.24 18:05:53 | 00,000,000 | ---D | C] -- C:\Users\Junchen\Documents\Bianca
[2009.11.23 19:24:35 | 00,000,000 | R--D | C] -- C:\Users\Junchen\Desktop\Incredi
[2009.11.23 18:24:15 | 00,750,984 | ---- | C] (IncrediMail LTD.) -- C:\Windows\SysWow64\Magentic Screensaver.scr
[2009.11.23 18:23:56 | 00,000,000 | ---D | C] -- C:\Users\Junchen\AppData\Local\Magentic
[2009.11.23 18:23:54 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Magentic
[2009.11.23 15:26:52 | 00,000,000 | ---D | C] -- C:\ProgramData\PhotoMail
[2009.11.23 15:26:50 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoMail Maker
[2009.09.25 17:22:50 | 00,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkusb1.dll
[2009.09.25 17:22:50 | 00,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpmui.dll
[2009.09.25 17:22:50 | 00,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkinpa.dll
[2009.09.25 17:22:50 | 00,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkiesc.dll
[2009.09.25 17:22:49 | 01,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkserv.dll
[2009.09.25 17:22:49 | 00,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkhbn3.dll
[2009.09.25 17:22:49 | 00,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomc.dll
[2009.09.25 17:22:49 | 00,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbklmpm.dll
[2009.09.25 17:22:49 | 00,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomm.dll
[2009.09.25 17:22:49 | 00,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkprox.dll
[2009.09.25 17:22:49 | 00,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpplc.dll
========== Files - Modified Within 30 Days ==========

[2009.12.18 12:49:35 | 02,621,440 | -HS- | M] () -- C:\Users\Junchen\NTUSER.DAT
[2009.12.18 12:46:17 | 00,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.12.18 12:44:33 | 00,000,574 | ---- | M] () -- C:\Users\Junchen\Desktop\mbam-setup - Verknüpfung.lnk
[2009.12.18 12:44:06 | 00,000,533 | ---- | M] () -- C:\Users\Junchen\Desktop\OTL - Verknüpfung.lnk
[2009.12.18 12:22:25 | 01,418,806 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009.12.18 12:22:25 | 00,618,442 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2009.12.18 12:22:25 | 00,587,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009.12.18 12:22:25 | 00,122,842 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2009.12.18 12:22:25 | 00,101,250 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009.12.18 12:14:38 | 00,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009.12.18 12:14:38 | 00,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009.12.18 12:14:33 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009.12.18 12:14:26 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.12.18 12:14:23 | 21,421,30176 | -HS- | M] () -- C:\hiberfil.sys
[2009.12.17 21:09:11 | 00,006,900 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox2.idx
[2009.12.17 21:09:10 | 05,548,092 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox.dat
[2009.12.17 21:09:10 | 01,220,668 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox2.dat
[2009.12.17 21:09:10 | 00,053,740 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox.idx
[2009.12.17 21:08:45 | 00,524,288 | -HS- | M] () -- C:\Users\Junchen\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2009.12.17 21:08:45 | 00,065,536 | -HS- | M] () -- C:\Users\Junchen\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2009.12.17 21:08:23 | 01,922,967 | -H-- | M] () -- C:\Users\Junchen\AppData\Local\IconCache.db
[2009.12.17 19:51:35 | 00,003,452 | ---- | M] () -- C:\Users\Junchen\AppData\Roaming\wklnhst.dat
[2009.12.15 22:38:41 | 02,080,768 | ---- | M] (Dell, Inc. ) -- C:\Users\Junchen\AppData\Roaming\DataSafeDotNet.exe
[2009.12.13 22:17:15 | 00,071,328 | ---- | M] () -- C:\Users\Junchen\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.12.13 22:15:50 | 00,303,528 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009.12.11 09:56:55 | 00,001,923 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2009.12.11 09:56:55 | 00,001,909 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2009.12.10 15:03:25 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009.12.09 13:45:12 | 00,034,632 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2009.12.09 13:38:46 | 00,025,928 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2009.12.09 13:38:42 | 00,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2009.12.09 13:38:38 | 00,036,168 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2009.12.09 13:38:30 | 00,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2009.12.08 07:59:38 | 43,103,8142 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009.12.03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009.12.03 16:13:58 | 00,022,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009.12.02 01:25:51 | 00,001,189 | ---- | M] () -- C:\Users\Junchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
[2009.12.01 11:28:22 | 00,007,052 | ---- | M] () -- C:\Users\Junchen\AppData\Local\d3d9caps.dat
[2009.11.27 15:01:31 | 00,011,403 | ---- | M] () -- C:\Users\Junchen\Documents\Ein Kommentar in eigener Sache.docx

========== Files Created - No Company Name ==========

[2009.12.18 12:46:17 | 00,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.12.18 12:44:33 | 00,000,574 | ---- | C] () -- C:\Users\Junchen\Desktop\mbam-setup - Verknüpfung.lnk
[2009.12.18 12:44:06 | 00,000,533 | ---- | C] () -- C:\Users\Junchen\Desktop\OTL - Verknüpfung.lnk
[2009.12.11 09:56:55 | 00,001,923 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2009.12.10 15:03:25 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009.12.08 07:59:38 | 43,103,8142 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2009.12.03 14:03:53 | 00,121,856 | ---- | C] () -- C:\Windows\SysNative\EhStorAuthn.dll
[2009.12.03 14:03:53 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.12.03 14:03:36 | 00,262,552 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2009.12.03 14:03:06 | 00,471,992 | ---- | C] () -- C:\Windows\SysNative\dot3.tmf
[2009.12.03 14:03:04 | 00,700,507 | ---- | C] () -- C:\Windows\SysNative\eaphost.tmf
[2009.12.03 14:03:01 | 00,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009.12.03 14:03:01 | 00,107,612 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin
[2009.12.03 14:02:56 | 03,662,128 | ---- | C] () -- C:\Windows\SysWow64\locale.nls
[2009.12.03 14:02:56 | 03,662,128 | ---- | C] () -- C:\Windows\SysNative\locale.nls
[2009.12.03 14:02:56 | 00,395,723 | ---- | C] () -- C:\Windows\SysNative\onex.tmf
[2009.12.03 14:02:18 | 00,207,968 | ---- | C] () -- C:\Windows\SysNative\WFP.TMF
[2009.12.03 14:02:13 | 00,092,918 | ---- | C] () -- C:\Windows\SysWow64\slmgr.vbs
[2009.12.03 14:02:13 | 00,092,918 | ---- | C] () -- C:\Windows\SysNative\slmgr.vbs
[2009.12.03 14:02:08 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.12.03 14:01:23 | 00,009,239 | ---- | C] () -- C:\Windows\SysWow64\spcinstrumentation.man
[2009.12.03 14:01:23 | 00,009,239 | ---- | C] () -- C:\Windows\SysNative\spcinstrumentation.man
[2009.12.03 14:00:40 | 00,009,212 | ---- | C] () -- C:\Windows\SysWow64\RacUR.xml
[2009.12.03 14:00:40 | 00,009,212 | ---- | C] () -- C:\Windows\SysNative\RacUR.xml
[2009.12.02 01:25:51 | 00,001,189 | ---- | C] () -- C:\Users\Junchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
[2009.11.26 23:42:22 | 00,011,403 | ---- | C] () -- C:\Users\Junchen\Documents\Ein Kommentar in eigener Sache.docx
[2009.09.25 17:22:50 | 00,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbkutil.dll
[2009.09.25 17:22:50 | 00,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBKinst.dll
[2009.09.24 13:50:55 | 01,511,424 | ---- | C] () -- C:\Windows\SysWow64\sn3win.dll
[2009.09.10 11:51:53 | 00,007,052 | ---- | C] () -- C:\Users\Junchen\AppData\Local\d3d9caps.dat
[2009.09.09 21:44:55 | 00,006,144 | ---- | C] () -- C:\Users\Junchen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.09 10:42:50 | 00,003,452 | ---- | C] () -- C:\Users\Junchen\AppData\Roaming\wklnhst.dat
[2008.01.21 03:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
< End of report >

und hier der zweite Logfile-scan



scan2


OTL Extras logfile created on: 18.12.2009 12:50:21 - Run 1
OTL by OldTimer - Version 3.1.18.0 Folder = C:\Users\Junchen\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,99 Gb Total Physical Memory | 0,71 Gb Available Physical Memory | 35,79% Memory free
4,00 Gb Paging File | 2,39 Gb Available in Paging File | 59,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 217,71 Gb Total Space | 156,43 Gb Free Space | 71,85% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 4,82 Gb Free Space | 32,12% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CHEFIN-PC
Current User Name: Junchen
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [SCHLECKER Foto Digital Service] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\SCHLECKER Foto Digital Service.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [SCHLECKER Foto Digital Service] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\SCHLECKER Foto Digital Service.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = F4 45 AA 15 7A 77 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19EB09CF-ACC8-40C0-B72D-14159A0DFCCB}" = rport=138 | protocol=17 | dir=out | app=system |
"{1B12509E-D233-4AB3-A0F4-57D8239728EE}" = rport=445 | protocol=6 | dir=out | app=system |
"{21272AA7-2BE8-4958-A526-712B0A5607E0}" = lport=138 | protocol=17 | dir=in | app=system |
"{21BD27C8-84CD-42FF-8023-BE08BADFE9F3}" = lport=4514 | protocol=6 | dir=in | name=rappelz |
"{29A1AE89-23C5-448C-AD33-C5F7F56B7490}" = rport=137 | protocol=17 | dir=out | app=system |
"{33778A1D-4159-4D1E-861E-7D9BA1EB1A81}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3CFC1C00-8D7E-427E-8489-69BAAC833A35}" = lport=80 | protocol=6 | dir=in | name=rappelz |
"{462B9D40-5935-4D99-9A87-6095DF28683B}" = lport=4518 | protocol=6 | dir=in | name=rappelz |
"{59E0669E-17C5-4705-8B64-61163D9C813A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5E97AD1D-DA75-450C-B019-8312C7CC719E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{71479A88-BE9A-4126-95B3-A6F74C308CFE}" = lport=139 | protocol=6 | dir=in | app=system |
"{78DBEC33-D04B-4BC3-ACAC-E9A5E58228B7}" = lport=4500 | protocol=6 | dir=in | name=rappelz |
"{8E4C7EF2-8917-4F2D-895A-765751FBFCAF}" = lport=137 | protocol=17 | dir=in | app=system |
"{BC59EB64-C1D2-4711-B108-35015DD216BE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BC8A21C2-8BC3-4AC5-AB60-AAFC32F236A3}" = rport=139 | protocol=6 | dir=out | app=system |
"{CBFF3654-30BD-4E9F-B90B-072442EC3EAF}" = lport=21 | protocol=6 | dir=in | name=rappelz |
"{CD4E7ABA-4C72-49C6-B9E0-2293E773E0A1}" = lport=3516 | protocol=6 | dir=in | name=rappelz |
"{F10BE930-656D-4C87-892F-B15404A48A4E}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0ED23322-F0E6-45FF-B74C-426957A4058F}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{3274B464-DCB6-4619-B4FB-A693746C0776}" = protocol=6 | dir=in | app=c:\program files (x86)\incredimail\bin\imapp.exe |
"{333AD4BC-FCB8-4F1F-833D-242DB4DCE971}" = protocol=6 | dir=in | app=c:\program files (x86)\incredimail\bin\incmail.exe |
"{36DD3075-ACC5-4D92-9708-8394D9455B7C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{38260372-42DC-4C33-AC24-22205FF64E26}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{49295381-3C3D-4845-AA0D-465F2C95C1FD}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxbkcoms.exe |
"{49D39BC5-10DE-4A87-8A7D-85118B091322}" = protocol=17 | dir=in | app=c:\program files\gpotato.eu\rappelz\launcher.exe |
"{4D61A0D2-9365-450B-B5D7-BF5474873706}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{50555D55-4BAC-4519-BB17-CC903E425C8F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6036EF40-5F86-45DA-A43B-284D140F81E6}" = protocol=6 | dir=in | app=c:\windows\system32\lxbkcoms.exe |
"{6262CF1E-BDAE-4071-B48D-483DD47E4C50}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6954D0F0-35E4-4676-A1C7-B2985221134A}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{6CD25B0B-D152-4981-9E53-12F2323CC1F1}" = protocol=17 | dir=in | app=c:\windows\system32\lxbkcoms.exe |
"{74A8FE16-EB81-4008-9E32-C34D44E59329}" = protocol=17 | dir=in | app=c:\program files (x86)\incredimail\bin\imapp.exe |
"{76CC9380-66C4-450C-81B3-56AB6CE98075}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{817375AF-C021-48B9-8B9C-6144AD2C36B7}" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{8E543AA6-64C7-4473-910C-346C8BE792DB}" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{8EAAAE61-BB6F-46D3-826A-48F387FA3B3D}" = protocol=17 | dir=in | app=c:\program files\gpotato.eu\rappelz\win98supdateutil.exe |
"{99BF23E6-3923-4E9C-AF02-92A463698313}" = protocol=6 | dir=in | app=c:\program files (x86)\incredimail\bin\impcnt.exe |
"{AB32605E-DDFD-4E36-881A-0F493FBC84C5}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxbkcoms.exe |
"{B3699B5E-B5BB-4FB7-B159-183DC0F9042A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{BCBC2904-AF55-467A-BE82-39B5FE925BF4}" = protocol=6 | dir=in | app=c:\program files\gpotato.eu\rappelz\rappelzconfig.exe |
"{C052147F-EC5B-4E66-AFF7-0A4033E893E3}" = protocol=6 | dir=in | app=c:\program files\gpotato.eu\rappelz\sframe.exe |
"{C41255B9-D5B5-4BA6-A9FF-331F8533B3A2}" = protocol=6 | dir=in | app=c:\program files\gpotato.eu\rappelz\launcher.exe |
"{D0F4AC00-003F-4A10-BD00-B73BC86CF0B6}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{DD06A121-B540-49FE-9598-4F510BBBECA2}" = protocol=17 | dir=in | app=c:\program files (x86)\incredimail\bin\impcnt.exe |
"{DD87F670-856A-4BB6-9A86-CA0CADE11ADE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DFE694AA-0AE4-48DB-9C5E-29F414141275}" = protocol=17 | dir=in | app=c:\program files\gpotato.eu\rappelz\sframe.exe |
"{EB025215-4D23-4485-AB89-C43C62A35CB6}" = protocol=6 | dir=in | app=c:\program files\gpotato.eu\rappelz\win98supdateutil.exe |
"{F1B39F8B-A1DA-4712-9338-BA7A0951C35D}" = protocol=17 | dir=in | app=c:\program files (x86)\incredimail\bin\incmail.exe |
"{FB58A567-2806-462D-8F14-918BE098AEB8}" = protocol=17 | dir=in | app=c:\program files\gpotato.eu\rappelz\rappelzconfig.exe |
"TCP Query User{790A7F46-DD4F-49C3-831C-849A93641005}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{67F73A92-E0B7-4E10-8242-E0C49695BAFB}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0FBEDFFE-80F3-06BE-B004-9594C4E8E555}" = ccc-utility64
"{26A24AE4-039D-4CA4-87B4-2F86416013FF}" = Java(TM) 6 Update 13 (64-bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"Creative OA001" = Integrated Webcam Driver (1.06.03.0309)
"Lexmark X1100 Series" = Lexmark X1100 Series
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0904ED3B-0FCD-A153-2F80-F7F5AB0329BA}" = Catalyst Control Center Graphics Previews Vista
"{095B1DCF-5E8B-47EC-9B18-481918A731DB}" = Microsoft Default Manager
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F090069-6450-9559-72BD-2437FF935EEC}" = CCC Help Swedish
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{15382D89-6EF6-4D21-9484-B500F2B10E46}" = PhotoMail Maker
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{34386C65-FD55-CEBD-AF7F-5126751BAA98}" = Catalyst Control Center InstallProxy
"{3643D422-9AFF-81D6-252C-14A8A3AD88D3}" = CCC Help Korean
"{3889CA7B-A8FC-09CB-C6D4-B134A2336DD9}" = CCC Help Portuguese
"{394B918B-47B0-D281-6AB8-E58871B54C91}" = Catalyst Control Center Core Implementation
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B7E26A8-4B67-D878-3AE3-0079686C52B6}" = CCC Help Spanish
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{51B6CDCD-8802-B41A-61E4-FC6A65FF217B}" = CCC Help French
"{531DDC1D-6563-8796-764A-A9C4E83C23E0}" = CCC Help English
"{55741CE4-41A5-4247-AB56-AD9DB32A4855}" = nProtect Security Platform 2007
"{566BAEC0-74CB-4ACC-9E18-8779AC974FB0}" = Windows Live Toolbar
"{56F4CA69-B3BC-81E6-304A-E650F3BB93A8}" = Catalyst Control Center Graphics Previews Common
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{61D9B6B3-B72E-C642-F0B0-8659EADB4CAA}" = Skins
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6FB141D8-1543-6588-623A-7D95969CB330}" = Catalyst Control Center Localization All
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C0AEF0E-BB23-5C44-4933-88F6AE1057D8}" = Catalyst Control Center Graphics Full New
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{80052E79-4A36-69BA-F44F-882A2E321116}" = CCC Help German
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{87460EB7-E62D-C963-4DDB-D2146478F59F}" = CCC Help Finnish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8BD8412A-40FB-9114-A8AE-CFB94C24C078}" = CCC Help Norwegian
"{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}" = SweetIM Toolbar for Internet Explorer 3.4
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8C2522F0-8B10-139C-3379-3620EA6A254D}" = CCC Help Dutch
"{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}" = Kaspersky Security Suite CBE 09
"{8FCE7358-DA6B-789A-44AB-E52256ACB330}" = CCC Help Chinese Traditional
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90877318-0BD0-4BDE-BFC0-C4BB12DAC86A}_is1" = Rappelz
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{924306A0-2C14-4F4E-8201-0B0791DA10B4}_is1" = Cradle of Persia
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{958DF0E4-CC0D-BDD5-28D1-A1B961E48A85}" = ccc-core-static
"{A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}" = Adobe Photoshop Elements 5.0
"{A8E83877-671C-A1A3-F4D3-C3D74E5AE8B9}" = CCC Help Chinese Standard
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{ADB4809A-3857-F18D-153F-391EB1D37C59}" = Catalyst Control Center Graphics Full Existing
"{B354E49B-DBDC-442D-5615-BD07B3A0B932}" = Catalyst Control Center Graphics Light
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B787CD67-506B-4C9A-8A99-D2C4460D055F}" = Catalyst Control Center - Branding
"{B96C8D6D-B0E5-CD7B-BC5D-739D5051E911}" = CCC Help Japanese
"{BD11E3C6-065E-40BB-A129-435C4530A159}_is1" = Jewel Master
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CB72877A-D2BF-6F18-2D0A-52C4036E2DF6}" = CCC Help Russian
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D564B5E2-CCB5-4A5C-B35E-2FC30BBC9336}" = Adobe Premiere Elements 7.0
"{D809E781-A654-3530-2B92-91FF959C507A}" = CCC Help Danish
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EC87E256-B0A4-4A41-8682-AB57FF21196D}" = SweetIM for Messenger 2.7
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F31D838B-E7F3-1E70-F54F-B009CD9219EE}" = CCC Help Italian
"{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F6BB6248-C507-46FE-8A35-1B16F35E0441}" = ITECIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 5" = Adobe Photoshop Elements 5.0
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Babylon" = Babylon
"Chuzzle Deluxe 1.0" = Chuzzle Deluxe 1.0
"Dell Video Chat" = Dell Video Chat
"Dell Webcam Central" = Dell Webcam Central
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"IncrediMail" = IncrediMail
"InstallShield_{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"InstallWIX_{8CB14A64-CEF4-4C8F-B1C8-1C3B8752CB55}" = Kaspersky Security Suite CBE 09
"Magentic" = Magentic
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.0.16)" = Mozilla Firefox (3.0.16)
"PhotoMail" = PhotoMail Maker
"PremElem70" = Adobe Premiere Elements 7.0
"SCHLECKER Foto Digital Service" = SCHLECKER Foto Digital Service
"TuneUp Utilities" = TuneUp Utilities
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Wacom Tablet Driver" = Wacom Tablett
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 05.12.2009 20:29:36 | Computer Name = Chefin-PC | Source = WinMgmt | ID = 10
Description =

Error - 06.12.2009 09:57:02 | Computer Name = Chefin-PC | Source = EventSystem | ID = 4621
Description =

Error - 06.12.2009 12:48:09 | Computer Name = Chefin-PC | Source = WinMgmt | ID = 10
Description =

Error - 06.12.2009 13:23:22 | Computer Name = Chefin-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.0.6001.18164 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: c38 Anfangszeit: 01ca7693d663bf35 Zeitpunkt
der Beendigung: 60000

Error - 06.12.2009 13:23:33 | Computer Name = Chefin-PC | Source = Application Hang | ID = 1002
Description = Programm wmplayer.exe, Version 11.0.6001.7008 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 150c Anfangszeit: 01ca7694f161e9f5 Zeitpunkt
der Beendigung: 59039

Error - 06.12.2009 16:25:09 | Computer Name = Chefin-PC | Source = WinMgmt | ID = 10
Description =

Error - 06.12.2009 18:39:14 | Computer Name = Chefin-PC | Source = WinMgmt | ID = 10
Description =

Error - 06.12.2009 18:48:54 | Computer Name = Chefin-PC | Source = EventSystem | ID = 4621
Description =

Error - 06.12.2009 18:54:50 | Computer Name = Chefin-PC | Source = WinMgmt | ID = 10
Description =

Error - 07.12.2009 14:46:08 | Computer Name = Chefin-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 03.11.2009 18:11:07 | Computer Name = Chefin-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 03.11.2009 18:11:07 | Computer Name = Chefin-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 04.11.2009 07:08:22 | Computer Name = Chefin-PC | Source = HTTP | ID = 15016
Description =

Error - 04.11.2009 07:09:32 | Computer Name = Chefin-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 04.11.2009 17:31:44 | Computer Name = Chefin-PC | Source = HTTP | ID = 15016
Description =

Error - 04.11.2009 17:32:34 | Computer Name = Chefin-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 05.11.2009 06:46:54 | Computer Name = Chefin-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error - 05.11.2009 06:47:08 | Computer Name = Chefin-PC | Source = HTTP | ID = 15016
Description =

Error - 05.11.2009 06:48:38 | Computer Name = Chefin-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 05.11.2009 06:56:18 | Computer Name = Chefin-PC | Source = HTTP | ID = 15016
Description =


< End of report >

seit dem letzten neustart habe ich zwei versteckte dateien/programme auf meinem desktop => desktop.ini
hat das was mit dem beiden programmen (Malwarebytes und OTL ) zu tun ?

Kenn ich so von den Programmen eher nicht. Die Desktop.ini kannst Du aber auch löschen.
Wo ist denn das Logfile von Malwarebytes?

Hallo,
entschuldige bitte das habe ich doch glatt bei der ganzen Datenmenge vergessen,

also hier das Logfile von Malwarebytes.


Malwarebytes' Anti-Malware 1.42
Datenbank Version: 3383
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

21.12.2009 14:59:31
mbam-log-2009-12-21 (14-59-23).txt

Scan-Methode: Quick-Scan
Durchsuchte Objekte: 92035
Laufzeit: 6 minute(s), 8 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Zitat:

21.12.2009 14:59:31
mbam-log-2009-12-21 (14-59-23).txt
Scan-Methode: Quick-Scan

Hast Du vorher vergessen, Malwarebytes auszuführen? Das ist eben erstellt worden das Log. Du hast auch nur einen Quickscan und keinen vollständigen Durchlauf gemacht.

ja, ich habe es vergessen.
Muss ich jetzt beides neu erstellen oder reicht der vollständige Scan von Malwarebytes?

Mach bitte den vollständigen Scan.

er läuft schon, sobald er fertig ist poste ich ihn hier

ich habe jetzt zwei mal versucht den Logfile zu erstellen, aber nach etwa 50 min. hängt sich mein Rechner auf und geht in blue screen und schaltet sich anschlißend aus.
leider konnte ich nicht die vollständige Datei aufschreiben aber vielleicht kannst du damit etwas anfangen.
C:\Windows\winsxs\wow64_microsoft-windows-shell32_31bf3856ad364e35_ ...

Beim ersten mal war es eine shell32-Datei aber eine andere Zahl.

Was kann ich machen um den Logfile doch noch zu erstellen?

Gruß, Juna