| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: malware defense und security alertWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
09.01.2010, 13:19
| #16 |
 |  malware defense und security alert Jupp, zum Glück habe ich von einem Freund der Systeminformatiker ist, eine "professionelle Rettungs CD". Damit kann ich eine Reperationsinstallaio ausführen.  Sind danach dann alle Viren rootkits gelöscht, also habe ich dann ein sauberes System? Oder muss ich dann noch was machen? |
|
09.01.2010, 13:27
| #17 |
| | malware defense und security alert Er sagt beiim Kopieren irgendwie, dass oembios.bin nict kopiert werden konnte? Ich habe die jetzt ausgelassen, und weiter installieren lassen. Ist die witig?
__________________ |
|
09.01.2010, 14:08
| #18 |
| | malware defense und security alert So ich bin wieder drinn!
__________________ War die bin datei jetzt wichtig und bin ich noch befallen? |
|
09.01.2010, 17:12
| #19 |
  | malware defense und security alert Hi, noch mal MAM scannen lassen und ein GMER-Log posten. Du musst nach einer Reparaturinstallation alle Servicepacks nachinstallieren, ev. sogar SP3. Rootkits etc. sind noch da, sie werden im allgemeinen nicht überbügelt, da ja die User- und Systemeinstellungen weitgehend erhalten bleiben! chris
__________________  Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden  ) |
|
09.01.2010, 20:41
| #20 |
| | malware defense und security alert Hier erstmal der MAM: Code:
ATTFilter Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3527
Windows 5.1.2600 Service Pack 1
Internet Explorer 6.0.2800.1106
09.01.2010 18:58:01
mbam-log-2010-01-09 (18-58-01).txt
Scan-Methode: Vollständiger Scan (C:\|)
Durchsuchte Objekte: 363506
Laufzeit: 1 hour(s), 13 minute(s), 28 second(s)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\LREC75DND7 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\E8WECRKKMV (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\ComboFix\Combo-Fix.sys (Malware.Trace) -> Quarantined and deleted successfully.
War CF eine malware??!! |
|
09.01.2010, 21:13
| #21 |
| | malware defense und security alert Hi, nein, CF benutzt aber die gleichen Mechanismen und wird daher meist von Scannern als Malware erkannt. Daher muss bei der Verwendung von ComboFix auch unbedingt die Antivierenlösung ausgeschaltet werden und zwar so, dass sie auch bei einem Reboot nicht wieder anläuft (dann versucht CF die erkannte Malware zu beseitigen, wird er dann von der Virenlösung "gestört" kann das fatale Folgen (siehe deinen Fall) haben... Poste bitte ein neues GMER-Log um sicher zu gehen (immerhin sagt MAM das es wieder zwei Einträge vom FakeAlert entfernt hat), sowie ein neues OTL-Log... chris Ps.: Das mit der UniversalBootCD würde ich an Deiner stelle mal durchziehen, für solche Fälle 
__________________ --> malware defense und security alert |
|
09.01.2010, 21:20
| #22 |
| | malware defense und security alert Ach das hättest du ruiog sagen können, dann ich Antivirt komplett ausgemacht, weil es startet ja bei dem reboot neu!!  |
|
09.01.2010, 21:36
| #23 |
| | malware defense und security alert Kannst du mir erklären wie genau ich bei der UniversalBoot CD vorgehen muss? |
|
09.01.2010, 22:09
| #24 |
| | malware defense und security alert Hi, keine Angst, normalerweise schaltet CF selbst die Antivirenlösung aus... Aber sicher ist sicher, nehme das manuelle Ausschalten mal in die Beschreibung auf. Wie gut ist Dein English (http://www.ubcd4win.com/howto.htm)? Im Groben sieht das so aus; UBCD runterladen, installieren, XP-CD auf die Festplatte kopieren (Speicherplatz beachten, es muss daraus dann nochmal eine ISO-Datei erstellt werden). Erstelle auf Deinem Rechner ein Verzeichnis (C:\XPCD), kopiere dann den gesamten Inhalt der CD da rein (vorher im Explorer einschalten, dass alle versteckten Dateien etc. angezeigt und Systemdateien nicht versteckt werden (damit auch alles kopiert werden kann)). Ist die gesamte XP-CD kopiert, starte UBCD4WinBuilder.exe (Normalerweise im Verzeichnis C:\ubcd4win), Copyright etc. abnicken, "Search for Windows installation Files" -> No, im darauffolgenden Fenster "Source" ->C:\XPCD, Outputpath wie Du willst oder einfach so lassen, dann entweder für das spätere Brennen eine ISO-Datei erstellen lassen (dann einen Filenamen bei "Create ISO-Image" eingeben!), oder gleich eine leere DVD rein und direkt brennen lassen. "Custom" leer lassen. Dann Build auswählen... Nochmal MS-Copyright abnicken und es geht los. Und nach ca. 0,5-1h haben wir eine Bootfertige Not-CD mit allem was man so braucht ;o)... chris
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
09.01.2010, 22:56
| #25 |
| | malware defense und security alert Achso, das ist praktisch ein eigenes Windows (vom Design her) und ich kann dann, wenn ich befallen bin ganz einfach von der CD aus arbeiten?  |
|
09.01.2010, 23:32
| #26 |
| | malware defense und security alert Hi, jaein, nennen wir es "kleines Window" (BartPE)... In etwa ja, Du kannst auf die Platte zugreifen, Daten sichern/wiederherstellen, Remote die Regeditieren, Scanner auf die Reise schicken etc. Was machen die Logs (OTL und GMER)? chris (mache schluß für heute...)
__________________ Don't bring me downVor dem posten beachten! Spenden (Wer spenden will, kann sich gerne melden ) |
|
10.01.2010, 09:48
| #29 |
| | malware defense und security alertCode:
ATTFilter OTL logfile created on: 10.01.2010 09:36:11 - Run 1 OTL by OldTimer - Version 3.1.22.0 Folder = C:\Programme\Sicherheits-Software Windows XP Professional Edition Service Pack 1 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2800.1106) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.022,00 Mb Total Physical Memory | 458,00 Mb Available Physical Memory | 45,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): c:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 156,25 Gb Total Space | 118,73 Gb Free Space | 75,99% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: CHRIS Current User Name: Christopher Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Programme\Sicherheits-Software\OTL.exe (OldTimer Tools) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\WINDOWS\system32\PnkBstrB.exe () PRC - C:\WINDOWS\system32\PnkBstrA.exe () PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\GMX\GMX MultiMessenger\MESSENGR.EXE (GMX GmbH) PRC - C:\Programme\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Orbitdownloader\orbitdm.exe (Orbitdownloader.com) PRC - C:\Programme\MSI\US54EX\Installer\WINXP\MSI US54EX Wireless Client Utility.exe (MSI Technology GmbH ) PRC - C:\Programme\Orbitdownloader\orbitnet.exe (Orbitdownloader.com) PRC - C:\Programme\Trillian\trillian.exe (Cerulean Studios) PRC - C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (Alpha Networks Inc.) PRC - C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Programme\Sicherheits-Software\OTL.exe (OldTimer Tools) MOD - C:\Programme\Trillian\msvcr71.dll (Microsoft Corporation) MOD - C:\Programme\Trillian\events.dll (Cerulean Studios) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\MSIMTF.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (gusvc) -- File not found SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (PnkBstrB) -- C:\WINDOWS\system32\PnkBstrB.exe () SRV - (PnkBstrA) -- C:\WINDOWS\system32\PnkBstrA.exe () SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Programme\WinPcap\rpcapd.exe (CACE Technologies) SRV - (ATI Smart) -- C:\WINDOWS\system32\ati2sgag.exe () SRV - (ANIWZCSdService) -- C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (Alpha Networks Inc.) SRV - (Ati HotKey Poller) -- C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation) SRV - (WmdmPmSp) -- C:\WINDOWS\system32\mspmspsv.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (PnkBstrK) -- C:\WINDOWS\system32\drivers\PnkBstrK.sys () DRV - (VBoxNetAdp) -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (AegisP) AEGIS Protocol (IEEE 802.1x) -- C:\WINDOWS\system32\drivers\AegisP.sys (Meetinghouse Data Communications) DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (VMnetAdapter) -- C:\WINDOWS\system32\drivers\vmnetadapter.sys (VMware, Inc.) DRV - (avgntmgr) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntmgr.sys (Avira GmbH) DRV - (avgntdd) -- C:\WINDOWS\system32\drivers\avgntdd.sys (Avira GmbH) DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions) DRV - (RT73) -- C:\WINDOWS\system32\drivers\rt73.sys (Ralink Technology, Corp.) DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (ANIO) -- C:\WINDOWS\system32\ANIO.sys (Alpha Networks Inc.) DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation) DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys () DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.) DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation ) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "google.de" FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.8.9 FF - prefs.js..extensions.enabledItems: {4568ed01-8341-4961-b3d5-98ab068ce4c0}:1.0.1.4 FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.15 FF - prefs.js..extensions.enabledItems: fsonlinescanner@f-secure.com:1.01 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: ns-sitemap@example.com:1.0 FF - prefs.js..extensions.enabledItems: {d5ea4520-61a1-11da-8cd6-0800200c9a66}:2009.07.19 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 FF - prefs.js..extensions.enabledItems: taboo@runningfrombears.com:0.6.0 FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.2 FF - prefs.js..extensions.enabledItems: {9815d32d-08c2-42ca-a8c6-43e501a4512f}:0.3.2 FF - prefs.js..extensions.enabledItems: zotero@chnm.gmu.edu:1.0.10 FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q=" FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 8088 FF - prefs.js..network.proxy.no_proxies_on: "" FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.01.06 16:55:27 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.01.06 15:33:22 | 00,000,000 | ---D | M] [2008.10.10 12:47:02 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Extensions [2009.11.10 16:11:28 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\JonDoFox\extensions [2009.11.10 16:01:17 | 00,000,000 | ---D | M] (CS Lite) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\JonDoFox\extensions\{00084897-021a-4361-8423-083407a033e0} [2009.11.10 16:01:18 | 00,000,000 | ---D | M] (JonDoFox) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\JonDoFox\extensions\{437be45a-4114-11dd-b9ab-71d256d89593} [2009.11.10 16:01:18 | 00,000,000 | ---D | M] (Dr.Web anti-virus link checker) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\JonDoFox\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5} [2009.11.10 16:01:18 | 00,000,000 | ---D | M] (SafeCache) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\JonDoFox\extensions\{670a77c5-010e-4476-a8ce-d09171318839} [2009.11.10 16:01:18 | 00,000,000 | ---D | M] (NoScript) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\JonDoFox\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2009.11.10 16:01:17 | 00,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\JonDoFox\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2009.11.10 16:01:17 | 00,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\JonDoFox\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009.11.10 16:01:18 | 00,000,000 | ---D | M] (Menu Editor) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\JonDoFox\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0} [2009.11.10 16:01:18 | 00,000,000 | ---D | M] (ProfileSwitcher) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\JonDoFox\extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4} [2009.11.10 16:01:18 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\JonDoFox\extensions\beysim@beysim.net [2009.11.10 16:01:17 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\JonDoFox\extensions\elemhidehelper@adblockplus.org [2010.01.09 11:20:32 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\xsvd9d0y.default\extensions [2009.11.15 15:02:42 | 00,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\xsvd9d0y.default\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d} [2009.11.15 14:56:30 | 00,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\xsvd9d0y.default\extensions\{4568ed01-8341-4961-b3d5-98ab068ce4c0} [2009.11.14 11:39:02 | 00,000,000 | ---D | M] (Show MyIP) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\xsvd9d0y.default\extensions\{6D1D11DB-3C6C-4db8-96E4-20F4A1088AAC} [2009.11.11 17:12:54 | 00,000,000 | ---D | M] (Tor-Proxy.NET Toolbar) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\xsvd9d0y.default\extensions\{9815d32d-08c2-42ca-a8c6-43e501a4512f} [2009.11.16 14:54:56 | 00,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\xsvd9d0y.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf} [2009.11.14 11:39:02 | 00,000,000 | ---D | M] (QuickProxy) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\xsvd9d0y.default\extensions\{d5ea4520-61a1-11da-8cd6-0800200c9a66} [2010.01.06 15:33:38 | 00,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\xsvd9d0y.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2009.11.16 14:54:56 | 00,000,000 | ---D | M] (Torbutton) -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\xsvd9d0y.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2009.11.17 14:29:11 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\xsvd9d0y.default\extensions\foxyproxy@eric.h.jung [2010.01.06 16:56:31 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\xsvd9d0y.default\extensions\fsonlinescanner@f-secure.com [2009.11.23 15:43:28 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\xsvd9d0y.default\extensions\ns-sitemap@example.com [2009.06.14 09:40:42 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\xsvd9d0y.default\extensions\taboo@runningfrombears.com [2009.06.14 09:40:45 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Mozilla\Firefox\Profiles\xsvd9d0y.default\extensions\zotero@chnm.gmu.edu [2010.01.09 11:20:32 | 00,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2009.08.24 16:18:07 | 00,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2007.04.24 12:11:12 | 01,800,704 | ---- | M] (Myriad Software.) -- C:\Programme\Mozilla Firefox\plugins\NPMyrMus.dll [2009.11.03 03:14:39 | 00,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2009.11.03 03:14:39 | 00,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2009.11.03 03:14:39 | 00,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2009.11.03 03:14:39 | 00,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2009.11.03 03:14:39 | 00,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: (820 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programme\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O2 - BHO: (no name) - {F4D76F01-7896-458a-890F-E1F05C46069F} - No CLSID value found. O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No CLSID value found. O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\Run: [GMX_GMX MultiMessenger] C:\Programme\GMX\GMX MultiMessenger\MESSENGR.EXE (GMX GmbH) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\MSI US54EX Wireless Client Utility.lnk = C:\Programme\MSI\US54EX\Installer\WINXP\MSI US54EX Wireless Client Utility.exe (MSI Technology GmbH ) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Orbit.lnk = C:\Programme\Orbitdownloader\orbitdm.exe (Orbitdownloader.com) O4 - Startup: C:\Dokumente und Einstellungen\Christopher\Startmenü\Programme\Autostart\Trillian.lnk = C:\Programme\Trillian\trillian.exe (Cerulean Studios) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: &Download by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Grab video by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Down&load all by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Programme\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Programme\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Programme\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Programme\Canon\Easy-WebPrint\Resource.dll () O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm () O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm () O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O12 - Plugin for: .mu3 - C:\Programme\Internet Explorer\PLUGINS\NPMyrMus.dll (Myriad Software.) O12 - Plugin for: .mus - C:\Programme\Internet Explorer\PLUGINS\NPMyrMus.dll (Myriad Software.) O12 - Plugin for: .mut - C:\Programme\Internet Explorer\PLUGINS\NPMyrMus.dll (Myriad Software.) O12 - Plugin for: .myr - C:\Programme\Internet Explorer\PLUGINS\NPMyrMus.dll (Myriad Software.) O12 - Plugin for: .xmz - C:\Programme\Internet Explorer\PLUGINS\NPMyrMus.dll (Myriad Software.) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1 O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\msdxm.ocx (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2008.03.31 13:05:52 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.01.09 17:42:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2010.01.09 17:37:18 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010.01.09 17:37:18 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010.01.09 17:37:18 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010.01.09 17:37:00 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira [2010.01.09 17:13:56 | 00,000,000 | -HSD | C] -- C:\Config.Msi [2010.01.09 14:12:16 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christopher\Lokale Einstellungen\Anwendungsdaten\Tific [2010.01.09 14:11:51 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Christopher\Anwendungsdaten\Tific [2010.01.09 13:58:32 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010.01.09 13:54:42 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime [2010.01.09 13:54:42 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime [2010.01.09 13:54:42 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime [2010.01.09 13:54:41 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime [2010.01.09 13:54:41 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime [2010.01.09 13:54:40 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime [2010.01.09 13:54:39 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll [2010.01.09 13:54:39 | 00,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys [2010.01.09 13:54:38 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll [2010.01.09 13:54:38 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll [2010.01.09 13:54:38 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll [2010.01.09 13:54:37 | 00,338,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll [2010.01.09 13:54:37 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll [2010.01.09 13:54:36 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll [2010.01.09 13:54:36 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll [2010.01.09 13:54:36 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll [2010.01.09 13:54:35 | 00,426,042 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll [2010.01.09 13:54:35 | 00,086,074 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll [2010.01.09 13:54:32 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll [2010.01.09 13:54:32 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll [2010.01.09 13:54:32 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime [2010.01.09 13:54:31 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe [2010.01.09 13:54:30 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll [2010.01.09 13:54:30 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll [2010.01.09 13:54:29 | 00,574,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime [2010.01.09 13:54:29 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe [2010.01.09 13:54:29 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe [2010.01.09 13:54:28 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll [2010.01.09 13:54:28 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys [2010.01.09 13:54:28 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys [2010.01.09 13:54:27 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys [2010.01.09 13:54:26 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll [2010.01.09 13:54:25 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll [2010.01.09 13:54:25 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll [2010.01.09 13:54:24 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll [2010.01.09 13:54:24 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll [2010.01.09 13:54:22 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll [2010.01.09 13:54:21 | 00,182,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll [2010.01.09 13:54:21 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll [2010.01.09 13:54:21 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll [2010.01.09 13:54:21 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe [2010.01.09 13:54:21 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll [2010.01.09 13:54:21 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll [2010.01.09 13:54:20 | 00,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll [2010.01.09 13:54:20 | 00,246,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll [2010.01.09 13:54:20 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe [2010.01.09 13:54:19 | 00,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll [2010.01.09 13:54:19 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe [2010.01.09 13:54:19 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll [2010.01.09 13:54:19 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll [2010.01.09 13:54:19 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll [2010.01.09 13:54:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll [2010.01.09 13:54:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll [2010.01.09 13:54:18 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll [2010.01.09 13:54:18 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll [2010.01.09 13:54:18 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll [2010.01.09 13:54:18 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll [2010.01.09 13:54:18 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll [2010.01.09 13:54:18 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll [2010.01.09 13:54:18 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll [2010.01.09 13:54:17 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll [2010.01.09 13:54:17 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll [2010.01.09 13:54:17 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll [2010.01.09 13:54:17 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll [2010.01.09 13:54:17 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll [2010.01.09 13:54:17 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll [2010.01.09 13:54:17 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll [2010.01.09 13:54:12 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll [2010.01.09 13:54:12 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll [2010.01.09 13:54:12 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll [2010.01.09 13:54:10 | 00,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2010.01.09 13:54:10 | 00,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2010.01.09 13:54:10 | 00,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2010.01.09 13:54:10 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll [2010.01.09 13:54:10 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll [2010.01.09 13:54:09 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll [2010.01.09 13:54:08 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime [2010.01.09 13:54:08 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe [2010.01.09 13:54:07 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe [2010.01.09 13:54:06 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime [2010.01.09 13:54:06 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe [2010.01.09 13:54:05 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe [2010.01.09 13:54:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll [2010.01.09 13:54:03 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll [2010.01.09 13:54:03 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe [2010.01.09 13:54:03 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll [2010.01.09 13:54:03 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll [2010.01.09 13:54:03 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll [2010.01.09 13:54:02 | 00,479,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime [2010.01.09 13:54:02 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll [2010.01.09 13:54:01 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime [2010.01.09 13:54:01 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll [2010.01.09 13:54:00 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll [2010.01.09 13:54:00 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll [2010.01.09 13:54:00 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll [2010.01.09 13:53:59 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll [2010.01.09 13:53:59 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll [2010.01.09 13:53:56 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll [2010.01.09 13:53:55 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll [2010.01.09 13:53:54 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll [2010.01.09 13:53:51 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll [2010.01.09 13:53:51 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe [2010.01.09 13:53:45 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex [2010.01.09 13:53:45 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll [2010.01.09 13:53:38 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys [2010.01.09 13:53:38 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll [2010.01.09 13:53:38 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll [2010.01.09 13:53:38 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe [2010.01.09 13:53:37 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll [2010.01.09 13:53:37 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll [2010.01.09 13:53:37 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll [2010.01.09 13:53:36 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll [2010.01.09 13:53:36 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll [2010.01.09 13:53:36 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll [2010.01.09 13:53:36 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll [2010.01.09 13:53:35 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll [2010.01.09 13:53:33 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll [2010.01.09 13:53:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll [2010.01.09 13:53:32 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll [2010.01.09 13:53:32 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll [2010.01.09 13:53:32 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll [2010.01.09 13:53:32 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll [2010.01.09 13:53:32 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll [2010.01.09 13:53:32 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll [2010.01.09 13:53:31 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll [2010.01.09 13:53:31 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll [2010.01.09 13:53:31 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll [2010.01.09 13:53:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll [2010.01.09 13:53:31 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll [2010.01.09 13:53:30 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll [2010.01.09 13:53:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll [2010.01.09 13:53:30 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll [2010.01.09 13:53:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll [2010.01.09 13:53:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll [2010.01.09 13:53:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll [2010.01.09 13:53:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll [2010.01.09 13:53:30 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll [2010.01.09 13:53:29 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll [2010.01.09 13:53:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll [2010.01.09 13:53:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll [2010.01.09 13:53:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll [2010.01.09 13:53:29 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll [2010.01.09 13:53:29 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll [2010.01.09 13:53:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll [2010.01.09 13:53:28 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll [2010.01.09 13:53:28 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll [2010.01.09 13:53:28 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll [2010.01.09 13:53:28 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll [2010.01.09 13:53:27 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll [2010.01.09 13:53:27 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll [2010.01.09 13:53:27 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll [2010.01.09 13:53:27 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll [2010.01.09 13:53:27 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll [2010.01.09 13:53:27 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll [2010.01.09 13:53:27 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll [2010.01.09 13:53:26 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll [2010.01.09 13:53:26 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll [2010.01.09 13:53:26 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll [2010.01.09 13:53:25 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll [2010.01.09 13:53:24 | 00,241,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll [2010.01.09 13:53:24 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe [2010.01.09 13:53:24 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll [2010.01.09 13:53:23 | 00,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll [2010.01.09 13:53:22 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll [2010.01.09 13:53:22 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll [2010.01.09 13:53:22 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe [2010.01.09 13:53:21 | 00,274,490 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll [2010.01.09 13:53:21 | 00,262,201 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe [2010.01.09 13:53:21 | 00,233,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe [2010.01.09 13:53:21 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe [2010.01.09 13:53:20 | 00,208,953 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe [2010.01.09 13:53:20 | 00,155,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe [2010.01.09 13:53:19 | 00,716,857 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll [2010.01.09 13:53:19 | 00,360,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll [2010.01.09 13:53:19 | 00,307,258 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe [2010.01.09 13:53:19 | 00,081,977 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll [2010.01.09 13:53:19 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe [2010.01.09 13:53:18 | 00,827,438 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll [2010.01.09 13:53:18 | 00,340,013 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime [2010.01.09 13:53:18 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe [2010.01.09 13:53:17 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll [2010.01.09 13:53:17 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll [2010.01.09 13:53:17 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime [2010.01.09 13:53:17 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll [2010.01.09 13:53:17 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe [2010.01.09 13:53:16 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll [2010.01.09 13:53:16 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll [2010.01.09 13:53:16 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll [2010.01.09 13:53:16 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll [2010.01.09 13:53:16 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll [2010.01.09 13:53:16 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe [2010.01.09 13:53:08 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll [2010.01.09 13:52:51 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll [2010.01.09 13:52:50 | 00,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll [2010.01.09 13:52:50 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll [2010.01.09 13:52:50 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll [2010.01.09 13:52:50 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll [2010.01.09 13:52:49 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll [2010.01.09 13:52:48 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll [2010.01.09 13:52:47 | 00,560,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll [2010.01.09 13:52:47 | 00,395,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll [2010.01.09 13:52:47 | 00,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll [2010.01.09 13:52:47 | 00,251,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe [2010.01.09 13:52:47 | 00,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll [2010.01.09 13:52:47 | 00,188,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll [2010.01.09 13:52:47 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll [2010.01.09 13:52:46 | 00,222,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe [2010.01.09 13:52:46 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll [2010.01.09 13:52:46 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll [2010.01.09 13:52:46 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll [2010.01.09 13:52:46 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll [2010.01.09 13:52:46 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll [2010.01.09 13:52:46 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe [2010.01.09 13:52:46 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll [2010.01.09 13:52:46 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll [2010.01.09 13:52:45 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll [2010.01.09 13:52:45 | 00,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll [2010.01.09 13:52:45 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll [2010.01.09 13:52:45 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe [2010.01.09 13:52:45 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll [2010.01.09 13:52:45 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll [2010.01.09 13:52:44 | 00,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll [2010.01.09 13:52:44 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll [2010.01.09 13:52:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll [2010.01.09 13:52:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll [2010.01.09 13:52:43 | 00,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe [2010.01.09 13:52:43 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll [2010.01.09 13:52:43 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe [2010.01.09 13:52:42 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll [2010.01.09 13:52:42 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe [2010.01.09 13:52:42 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll [2010.01.09 13:52:42 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe [2010.01.09 13:52:42 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll [2010.01.09 13:52:41 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll [2010.01.09 13:52:41 | 00,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll [2010.01.09 13:52:41 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll [2010.01.09 13:52:41 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys [2010.01.09 13:52:35 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime [2010.01.09 13:52:35 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe [2010.01.09 13:52:33 | 00,057,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe |
|
10.01.2010, 09:49
| #30 |
| | malware defense und security alertCode:
ATTFilter [2010.01.09 13:52:33 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2010.01.09 13:52:33 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2010.01.09 13:52:33 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2010.01.09 13:52:33 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010.01.09 13:52:32 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2010.01.09 13:52:31 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2010.01.09 13:52:30 | 00,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2010.01.09 13:52:30 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2010.01.09 13:52:30 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2010.01.09 13:52:30 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2010.01.09 13:52:29 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010.01.09 13:52:28 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010.01.09 13:52:27 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2010.01.09 13:52:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010.01.09 13:52:27 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010.01.09 13:52:27 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010.01.09 13:52:27 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010.01.09 13:52:26 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2010.01.09 13:52:26 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010.01.09 13:52:26 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010.01.09 13:52:26 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010.01.09 13:52:25 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2010.01.09 13:52:24 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2010.01.09 13:52:19 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2010.01.09 13:52:18 | 00,344,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2010.01.09 13:52:18 | 00,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll
[2010.01.09 13:52:18 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010.01.09 13:52:18 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2010.01.09 13:52:17 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2010.01.09 13:52:17 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2010.01.09 13:52:17 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2010.01.09 13:52:17 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2010.01.09 13:52:17 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2010.01.09 13:52:16 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2010.01.09 13:52:16 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2010.01.09 13:52:15 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2010.01.09 13:52:15 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2010.01.09 13:52:15 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2010.01.09 13:52:15 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010.01.09 13:52:11 | 00,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2010.01.09 13:52:11 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2010.01.09 13:52:10 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2010.01.09 13:52:09 | 00,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll
[2010.01.09 13:52:09 | 00,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2010.01.09 13:52:08 | 00,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2010.01.09 13:52:04 | 00,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2010.01.09 13:52:03 | 00,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2010.01.09 13:52:03 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2010.01.09 13:52:03 | 00,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2010.01.09 13:52:03 | 00,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2010.01.09 13:52:03 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2010.01.09 13:52:03 | 00,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2010.01.09 13:52:02 | 00,872,557 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2010.01.09 13:52:02 | 00,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2010.01.09 13:52:02 | 00,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2010.01.09 13:52:02 | 00,127,034 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2010.01.09 13:52:02 | 00,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2010.01.09 13:52:02 | 00,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2010.01.09 13:52:02 | 00,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2010.01.09 13:52:02 | 00,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2010.01.09 13:52:02 | 00,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2010.01.09 13:52:01 | 00,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2010.01.09 13:52:01 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2010.01.09 13:52:01 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2010.01.09 13:52:00 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2010.01.09 13:51:58 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2010.01.09 13:50:27 | 00,106,562 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2010.01.09 13:50:25 | 03,346,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2010.01.09 13:50:17 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2010.01.09 13:50:16 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2010.01.09 13:50:16 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2010.01.09 13:50:14 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2010.01.09 13:50:14 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010.01.09 13:50:14 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2010.01.09 13:50:14 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010.01.09 13:50:14 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2010.01.09 13:50:14 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010.01.09 13:50:14 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2010.01.09 13:50:14 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010.01.09 13:50:14 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2010.01.09 13:50:12 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2010.01.09 13:50:12 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2010.01.09 13:50:12 | 00,028,672 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010.01.09 13:50:12 | 00,028,672 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2010.01.09 13:50:11 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2010.01.09 13:50:11 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2010.01.09 13:50:11 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010.01.09 13:50:11 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2010.01.09 13:50:11 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2010.01.09 13:50:10 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2010.01.09 13:50:10 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010.01.09 13:50:10 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2010.01.09 13:50:08 | 02,532,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2010.01.09 13:50:07 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010.01.09 13:50:07 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2010.01.09 13:50:07 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2010.01.09 13:50:07 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2010.01.09 13:50:06 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010.01.09 13:50:06 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2010.01.09 13:50:06 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010.01.09 13:50:06 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2010.01.09 13:50:06 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010.01.09 13:50:06 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2010.01.09 13:50:04 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2010.01.09 13:50:04 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2010.01.09 13:50:04 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2010.01.09 13:50:04 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2010.01.09 13:50:04 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2010.01.09 13:50:04 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2010.01.09 13:50:04 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2010.01.09 13:50:03 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2010.01.09 13:50:03 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2010.01.09 13:50:03 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2010.01.09 13:50:03 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2010.01.09 13:50:02 | 00,557,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2010.01.09 13:50:01 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2010.01.09 13:50:01 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2010.01.09 13:50:01 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2010.01.09 13:50:01 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2010.01.09 13:50:00 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2010.01.09 13:50:00 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2010.01.09 13:50:00 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2010.01.09 13:50:00 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2010.01.09 13:50:00 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2010.01.09 13:50:00 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2010.01.09 13:49:57 | 00,798,782 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2010.01.09 13:49:56 | 00,802,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2010.01.09 13:49:55 | 00,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2010.01.09 13:49:55 | 00,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2010.01.09 13:49:54 | 00,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2010.01.09 13:49:54 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2010.01.09 13:49:54 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010.01.09 13:49:54 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2010.01.09 13:49:53 | 00,806,969 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010.01.09 13:49:52 | 00,537,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2010.01.09 13:49:51 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2010.01.09 13:49:51 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2010.01.09 13:49:49 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2010.01.09 13:49:49 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2010.01.09 13:49:46 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2010.01.09 13:49:45 | 00,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010.01.09 13:49:44 | 00,742,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2010.01.09 13:49:43 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2010.01.09 13:49:43 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010.01.09 13:49:43 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2010.01.09 13:49:43 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2010.01.09 13:49:42 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2010.01.09 13:49:42 | 00,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2010.01.09 13:49:42 | 00,069,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2010.01.09 13:49:42 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2010.01.09 13:49:42 | 00,008,223 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2010.01.09 13:49:41 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010.01.09 13:49:41 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2010.01.09 13:49:41 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010.01.09 13:49:41 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2010.01.09 13:49:41 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2010.01.09 13:49:40 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010.01.09 13:49:40 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2010.01.09 13:49:40 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2010.01.09 13:49:40 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010.01.09 13:49:40 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2010.01.09 13:49:39 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2010.01.09 13:49:39 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2010.01.09 13:49:38 | 00,360,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2010.01.09 13:49:38 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2010.01.09 13:49:37 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2010.01.09 13:49:37 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2010.01.09 13:49:37 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2010.01.09 13:49:37 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2010.01.09 13:49:37 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2010.01.09 13:49:36 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2010.01.09 13:49:36 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2010.01.09 13:49:35 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2010.01.09 13:49:35 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2010.01.09 13:49:34 | 01,003,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2010.01.09 13:49:34 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010.01.09 13:49:34 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2010.01.09 13:49:33 | 00,459,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2010.01.09 13:49:33 | 00,228,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010.01.09 13:49:33 | 00,228,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2010.01.09 13:49:32 | 00,587,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010.01.09 13:49:32 | 00,258,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2010.01.09 13:49:32 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2010.01.09 13:49:30 | 00,255,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2010.01.09 13:49:30 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2010.01.09 13:49:30 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2010.01.09 13:49:30 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010.01.09 13:49:30 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2010.01.09 13:49:24 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2010.01.09 13:49:23 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2010.01.09 13:49:23 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2010.01.09 13:49:23 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2010.01.09 13:49:22 | 00,303,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2010.01.09 13:49:22 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2010.01.09 13:49:22 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2010.01.09 13:49:22 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2010.01.09 13:49:22 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2010.01.09 13:49:22 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2010.01.09 13:49:22 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2010.01.09 13:49:21 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2010.01.09 13:49:21 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2010.01.09 13:49:21 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2010.01.09 13:49:21 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2010.01.09 13:49:21 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2010.01.09 13:49:21 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2010.01.09 13:49:21 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2010.01.09 13:49:21 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2010.01.09 13:49:21 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2010.01.09 13:49:21 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2010.01.09 13:49:21 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2010.01.09 13:49:21 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2010.01.09 13:49:20 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2010.01.09 13:49:20 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2010.01.09 13:49:20 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2010.01.09 13:49:20 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2010.01.09 13:49:20 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2010.01.09 13:49:20 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2010.01.09 13:49:19 | 00,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2010.01.09 13:49:19 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2010.01.09 13:49:19 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2010.01.09 13:49:18 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2010.01.09 13:49:18 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2010.01.09 13:48:14 | 00,274,432 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2010.01.09 13:48:14 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2010.01.09 13:48:14 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010.01.09 13:48:14 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2010.01.09 13:48:14 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010.01.09 13:48:13 | 00,528,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2010.01.09 13:48:13 | 00,499,200 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010.01.09 13:48:13 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010.01.09 13:48:13 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2010.01.09 13:48:12 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010.01.09 13:48:12 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2010.01.09 13:48:12 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010.01.09 13:48:12 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2010.01.09 13:48:12 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010.01.09 13:48:12 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2010.01.09 13:48:12 | 00,020,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2010.01.09 13:48:12 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010.01.09 13:48:12 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2010.01.09 13:48:12 | 00,011,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2010.01.09 13:48:11 | 00,869,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010.01.09 13:48:11 | 00,869,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2010.01.09 13:48:11 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010.01.09 13:48:11 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2010.01.09 13:48:11 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010.01.09 13:48:11 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2010.01.09 13:48:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2010.01.09 13:48:09 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2010.01.09 13:48:09 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010.01.09 13:48:09 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2010.01.09 13:48:09 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010.01.09 13:48:09 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2010.01.09 13:48:09 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010.01.09 13:48:09 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2010.01.09 13:48:09 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010.01.09 13:48:09 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2010.01.09 13:48:08 | 00,495,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2010.01.09 13:48:08 | 00,495,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010.01.09 13:48:08 | 00,215,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2010.01.09 13:48:08 | 00,215,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010.01.09 13:48:07 | 00,820,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2010.01.09 13:48:07 | 00,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2010.01.09 13:48:07 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2010.01.09 13:48:07 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2010.01.09 13:48:06 | 00,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2010.01.09 13:48:06 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2010.01.09 13:48:06 | 00,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2010.01.09 13:48:06 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iisreset.exe
[2010.01.09 13:48:06 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2010.01.09 13:48:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iisrstap.dll
[2010.01.09 13:48:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2010.01.09 13:48:05 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2010.01.09 13:48:05 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2010.01.09 13:48:05 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2010.01.09 13:48:05 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2010.01.09 13:48:05 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2010.01.09 13:48:05 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iisext.dll
[2010.01.09 13:48:05 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftpsapi2.dll
[2010.01.09 13:48:05 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2010.01.09 13:48:04 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iismap.dll
[2010.01.09 13:48:04 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2010.01.09 13:48:04 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2010.01.09 13:48:04 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\admwprox.dll
[2010.01.09 13:48:04 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetsloc.dll
[2010.01.09 13:48:04 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2010.01.09 13:48:04 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\exstrace.dll
[2010.01.09 13:48:04 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2010.01.09 13:48:04 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\infoadmn.dll
[2010.01.09 13:48:04 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2010.01.09 13:48:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wamregps.dll
[2010.01.09 13:48:04 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2010.01.09 13:48:04 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iismui.dll
[2010.01.09 13:48:04 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2010.01.09 13:48:03 | 00,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iisRtl.dll
[2010.01.09 13:48:03 | 00,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2010.01.09 13:48:02 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2010.01.09 13:48:01 | 00,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2010.01.09 13:48:01 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2010.01.09 13:48:01 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2010.01.09 13:48:01 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2010.01.09 13:48:01 | 00,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2010.01.09 13:48:01 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2010.01.09 13:48:01 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2010.01.09 13:48:01 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2010.01.09 13:48:01 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2010.01.09 13:48:00 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2010.01.09 13:48:00 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2010.01.09 13:48:00 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2010.01.09 13:48:00 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2010.01.09 13:47:59 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2010.01.09 13:47:59 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2010.01.09 13:47:59 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2010.01.09 13:47:58 | 00,178,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2010.01.09 13:47:58 | 00,178,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010.01.09 13:47:58 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2010.01.09 13:47:58 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010.01.09 13:47:58 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2010.01.09 13:47:58 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010.01.09 13:47:58 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2010.01.09 13:47:48 | 00,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010.01.09 13:47:48 | 00,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2010.01.09 13:47:48 | 00,000,000 | ---D | C] -- C:\Programme\MSN
[2010.01.09 13:47:47 | 00,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010.01.09 13:47:47 | 00,343,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2010.01.09 13:47:46 | 00,534,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010.01.09 13:47:46 | 00,534,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2010.01.09 13:47:46 | 00,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2010.01.09 13:47:46 | 00,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010.01.09 13:47:45 | 01,081,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2010.01.09 13:47:45 | 00,115,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2010.01.09 13:47:45 | 00,114,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2010.01.09 13:47:45 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2010.01.09 13:47:44 | 00,598,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2010.01.09 13:47:44 | 00,394,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2010.01.09 13:47:44 | 00,394,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe
[2010.01.09 13:47:44 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010.01.09 13:47:44 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2010.01.09 13:47:43 | 00,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2010.01.09 13:47:43 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010.01.09 13:47:43 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2010.01.09 13:47:43 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2010.01.09 13:47:43 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2010.01.09 13:47:43 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2010.01.09 13:47:43 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe
[2010.01.09 13:47:43 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010.01.09 13:47:43 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2010.01.09 13:47:42 | 00,075,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010.01.09 13:47:42 | 00,075,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2010.01.09 13:47:42 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010.01.09 13:47:42 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2010.01.09 13:47:42 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2010.01.09 13:47:42 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010.01.09 13:47:42 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010.01.09 13:47:42 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2010.01.09 13:47:42 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010.01.09 13:47:42 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2010.01.09 13:47:41 | 00,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010.01.09 13:47:41 | 00,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2010.01.09 13:47:41 | 00,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2010.01.09 13:47:40 | 01,172,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2010.01.09 13:47:40 | 01,172,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010.01.09 13:47:40 | 00,582,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2010.01.09 13:47:40 | 00,582,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010.01.09 13:47:39 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2010.01.09 13:47:39 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsiis.dll
[2010.01.09 13:47:39 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2010.01.09 13:47:39 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2010.01.09 13:47:39 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2010.01.09 13:47:39 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2010.01.09 13:47:38 | 00,340,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2010.01.09 13:47:38 | 00,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2010.01.09 13:47:38 | 00,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2010.01.09 13:47:38 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2010.01.09 13:47:38 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2010.01.09 13:47:38 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2010.01.09 13:47:37 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2010.01.09 13:47:37 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2010.01.09 13:47:37 | 00,215,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2010.01.09 13:47:37 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2010.01.09 13:47:36 | 00,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2010.01.09 13:47:36 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2010.01.09 13:47:36 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2010.01.09 13:47:36 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2010.01.09 13:47:36 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2010.01.09 13:47:36 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2010.01.09 13:47:35 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2010.01.09 13:47:34 | 01,268,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2010.01.09 13:47:34 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010.01.09 13:47:34 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2010.01.09 13:43:28 | 00,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010.01.09 13:43:28 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010.01.09 13:43:27 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys
[2010.01.09 13:29:47 | 00,023,070 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\RTL8139.sys
[2010.01.09 13:28:32 | 00,696,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2010.01.09 13:28:32 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2010.01.09 13:28:27 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010.01.09 13:28:27 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2010.01.09 13:28:27 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010.01.09 13:28:27 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2010.01.09 13:28:27 | 00,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2010.01.09 13:28:26 | 00,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2010.01.09 13:28:25 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010.01.07 20:22:35 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.01.07 20:22:35 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.01.07 20:22:35 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.01.07 20:22:35 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.01.07 20:22:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.01.07 20:22:25 | 00,000,000 | --SD | C] -- C:\ComboFix
|
|
| Themen zu malware defense und security alert |
| aktiv, alert, combofix, deutsch, experte, expertenmeinung, falsches, fensteröffnen, klicke, laufe, laufen, malware, meinung, minute, minuten, net-worm.win32.mytob.t, nicht öffnen, problem, protection, security, security alert, taskleiste, virus, windows, windows alert, windows security, öffnen, öffnet |
Linear-Darstellung
