Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Internetverbindung wird ständig selbstständig unterbrochen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.08.2010, 21:15   #1
Rainer2
 
Internetverbindung wird ständig selbstständig unterbrochen - Standard

Internetverbindung wird ständig selbstständig unterbrochen



Hallo,

ich habe mir vor ein paar Tagen etwas eingefangen. Seitdem wird ständig die Internetverbindung unterbrochen. Das kann manchmal nach einer Stunde geschehen, manchmal aber auch alle paar Minuten. Fast immer, wenn ich Outlook-Express starte, fliege ich erstmal raus. Aber auch beim Firefox gibt es damit Probleme.

Unten das Logfile von HijackThis und Malwarebytes.

Danke und viele Grüße,

Rainer
HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:01:51, on 30.08.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programme\Norman\Npm\Bin\Elogsvc.exe
C:\Programme\Norman\Ngs\Bin\Nnf.exe
C:\Programme\Norman\Ngs\Bin\Nprosec.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Norman\Npm\Bin\Zanda.exe
C:\Programme\Norman\npm\bin\nvoy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programme\Norman\Npm\Bin\ZLH.EXE
C:\Programme\T-DSL SpeedManager\SpeedMgr.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programme\HP\HP Software Update\HPWuSchd2.exe
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\monitor.exe
C:\Programme\Corel\Corel MediaOne\CorelIOMonitor.exe
C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Norman\Npm\Bin\scheduler.exe
C:\Programme\Norman\Npm\Bin\Njeeves.exe
C:\Programme\Norman\nse\bin\NSESVC.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\Norman\Nvc\Bin\nvcoas.exe
C:\Programme\Norman\Nvc\Bin\Nip.exe
C:\Programme\T-DSL SpeedManager\tsmsvc.exe
C:\Programme\Norman\Nvc\Bin\cclaw.exe
C:\Programme\Outlook Express\msimn.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll
R3 - URLSearchHook: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWin0.dll
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll
O1 - Hosts: ÿþ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: SparweltGutscheinAlarm.Sparwelt_Gutschein_Tool - {10945114-b19f-4614-8450-b25e444a1020} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programme\Crawler\ctbr.dll
O2 - BHO: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWin0.dll
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll
O2 - BHO: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll
O3 - Toolbar: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWin0.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programme\Crawler\ctbr.dll
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Programme\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKLM\..\Run: [T-DSL SpeedMgr] "C:\Programme\T-DSL SpeedManager\SpeedMgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Programme\Corel\Corel MediaOne\Corel PhotoDownloader.exe" -startup
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Programme\Corel\Corel MediaOne\CorelIOMonitor.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Icmblt] C:\Dokumente und Einstellungen\User\Anwendungsdaten\Adobe\Update\widvid.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Öffnen mit PDF Genie 3 - {722FE9B2-6895-42D9-9984-F4CB26616023} - C:\Programme\DATA BECKER\PDF Genie 3.0\pdfshell.dll
O9 - Extra 'Tools' menuitem: Öffnen mit PDF Genie 3 - {722FE9B2-6895-42D9-9984-F4CB26616023} - C:\Programme\DATA BECKER\PDF Genie 3.0\pdfshell.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3A6AC65B-5C4A-42F4-BE0B-667259779C59}: NameServer = 217.0.43.177 217.0.43.161
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Programme\Crawler\ctbr.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programme\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Programme\Norman\Npm\Bin\Elogsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Norman Network Filtering service (NNFSVC) - Norman ASA - C:\Programme\Norman\Ngs\Bin\Nnf.exe
O23 - Service: Norman NJeeves - Norman ASA - C:\Programme\Norman\Npm\Bin\Njeeves.exe
O23 - Service: Norman ZANDA - Norman ASA - C:\Programme\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Security service (NPROSECSVC) - Norman ASA - C:\Programme\Norman\Ngs\Bin\Nprosec.exe
O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Programme\Norman\nse\bin\NSESVC.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programme\Norman\Nvc\Bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - C:\Programme\Norman\Npm\Bin\Nvcsched.exe (file missing)
O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Programme\Norman\npm\bin\nvoy.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Norman Scheduler Service (Scheduler) - Norman ASA - C:\Programme\Norman\Npm\Bin\scheduler.exe
O23 - Service: TSMService - T-Systems Nova, Berkom - C:\Programme\T-DSL SpeedManager\tsmsvc.exe
O23 - Service: WPEServ - soft Xpansion - C:\Programme\Gemeinsame Dateien\WPE\wpeserv.exe
 
--
End of file - 9854 bytes
         
--- --- ---


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4509

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

30.08.2010 21:18:14
mbam-log-2010-08-30 (21-18-14).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 380373
Laufzeit: 2 Stunde(n), 11 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\helper (Trojan.Agent) -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Dokumente und Einstellungen\User\Anwendungsdaten\Adobe\Update\flacor.dat (Trojan.Agent) -> No action taken.
C:\Dokumente und Einstellungen\User\Anwendungsdaten\Helper\bin\liveu.exe (Trojan.Agent) -> No action taken.

Hallo,

habe noch etwas vergessen, was gerade wieder aufgetreten ist. Etwa einmal am Tag bekomme ich ein kleines Warnfenster, wo drinnen steht, das System muss heruntergefahren werden, speichern sie bitte alles ab. Dann läuft eine Uhr rückwärts, von 30 Sekunden bis Null. Bei Null fährt das System runter, ohne das ich es verhindern kann.

Viele Grüße,

Rainer

Alt 31.08.2010, 08:38   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internetverbindung wird ständig selbstständig unterbrochen - Standard

Internetverbindung wird ständig selbstständig unterbrochen



Hallo und

Zitat:
Fast immer, wenn ich Outlook-Express starte
Ich würd ja einen vernünftigen Mailclient nehmen. Sowas wie Mozilla Thunderbird...


Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 31.08.2010, 17:26   #3
Rainer2
 
Internetverbindung wird ständig selbstständig unterbrochen - Standard

Internetverbindung wird ständig selbstständig unterbrochen



Hallo Arne,

danke für die Hilfe!

Ich bin leider das Outlook-Express gewöhnt. Bei einem anderen müsste ich mich erst einarbeiten.

Unten also die zwei gewünschten Logfiles.

Viele Grüße,

RainerOTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 31.08.2010 18:03:55 - Run 5
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Dokumente und Einstellungen\User\Eigene Dateien
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 0,95 Gb Free Space | 0,64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: NAME-9CF4F91750
Current User Name: User
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.exe [@ = secfile] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Betrachten mit XnView] -- "C:\Programme\XnView\xnview.exe" "%1" (XnView, XnView Software - Free graphic and photo viewer, converter, organizer)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Bayern 3D\Bayern3D.exe" = C:\Programme\Bayern 3D\Bayern3D.exe:*:Enabled:Bayern3D -- ()
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{0C180787-F8C8-42FD-A9D3-689BA44BEAAF}" = Corel Painter Essentials 3
"{00020407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Standard
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0C180787-F8C8-42FD-A9D3-689BA44BEAAF}" = Corel Painter Essentials 3
"{15803703-25FA-4C01-A062-3F4A59937E87}" = Ulead PhotoImpact X3
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FFBEF6F-98F3-4EEA-8103-7A85C1017D20}" = Geogrid®-Viewer
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 20
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{3C569633-C8DE-46E2-BB8F-F65198681C2F}" = Corel MediaOne
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4ACBBFC6-3F39-48DE-8D85-182736B2749B}" = Garmin MapSource
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5943B7F7-678B-477E-9AEE-6E4C6962322B}" = Sparwelt.de Gutschein Alarm
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5C161FB3-7E16-4771-9314-06FB37F3BBA7}" = Top50 V5 Viewer
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{641FE800-650B-4E99-A304-9D50E7235BAF}" = Topo Deutschland v2
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79546A5F-AE7C-4693-8670-A3401B43ABD2}" = HP Deskjet 5900 series
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{8234A27D-C5A4-4F84-8718-3BF34BCFC89F}" = JourneySoftwarePromo
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5222E5A-13CB-4C98-9F5C-21CF6896A25C}" = HPDeskjet5900Series
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AF600F7B-67A7-48D9-BA3B-0FF97F35F970}" = ABBYY FineReader 6.0 Professional
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{BA9C8A3B-7A17-4A52-9F11-A6E823EE4305}" = Google SketchUp 7
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C2D129C0-7508-11DF-9F1B-005056806466}" = Google Earth
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C3896A21-47E5-4B40-9E90-529C1D6EDDF5}" = PDF Genie 3.0
"{C7C82ED1-E5AD-48CF-8B92-38DD9B49610C}" = Garmin TOPO Deutschland 2010
"{C8B34404-2E52-4C1F-A2B7-D26E46E5974D}" = Norman Security Suite
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5484836-E51C-4423-A663-12B9DDD50DE6}" = Garmin BaseCamp
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo Photo Commander 7_is1" = Ashampoo Photo Commander 7.60
"Bayern 3D" = Bayern 3D
"CCleaner" = CCleaner
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"Defraggler" = Defraggler
"Dr. Hardware 2009_is1" = Dr. Hardware 2009 9.9.5d
"Exif-Viewer" = Exif-Viewer 2.50 
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Helicon Filter_is1" = Helicon Filter 4.93.2
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 5.0
"HP Photo & Imaging" = HP Image Zone 5.0
"HP PrecisionScan LTX" = HP PrecisionScan LTX
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.0
"HPExtendedCapabilities" = HP Extended Capabilities 5.0
"Hugin_is1" = Hugin 0.7.0 (SVN 3465)
"Hugin_release_is1" = Hugin 2009.4.0
"ie8" = Windows Internet Explorer 8
"Image Analyzer" = Image Analyzer
"ImageConverter Plus_is1" = ImageConverter Plus 8.0
"InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}" = Ulead PhotoImpact X3
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Maniac Mansion Deluxe" = Maniac Mansion Deluxe
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyAshampoo Toolbar" = MyAshampoo Toolbar
"PC Wizard 2009_is1" = PC Wizard 2009.1.88
"PhotoME_is1" = PhotoME
"Picasa 3" = Picasa 3
"ShiftN_is1" = ShiftN 3.5
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Speccy" = Speccy
"Tank Blaster II" = Tank Blaster II
"TDSLSM" = T-DSL SpeedManager
"Uninstall_is1" = Uninstall 1.0.0.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.8
"Winload Toolbar" = Winload Toolbar
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView_is1" = XnView 1.97.6
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Gnumeric" = Gnumeric Spreadsheet 1.9.1-win32-20080505
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 02.05.2010 15:54:15 | Computer Name = NAME-9CF4F91750 | Source = NormanNPT | ID = 131073
Description = Norman Message [2010/05/02 21:54:14]  --------------------------------------------------------
Application:
 NVC On-access Scanner  Node address: 217.228.96.11  --------------------------------------------------------

Warning
 message:   Virus missing:   Virus name: 'Smalltroj.YLOT'  File infected: C:/Alte Daten/Drive(F)/System
 Volume Information/_restore{4EA7DCED-C474-4611-AD9D-054543A1C373}/RP992/A0478724.dll
File
 quarantined: C:/Alte Daten/Drive(F)/System Volume Information/_restore{4EA7DCED-C474-4611-AD9D-054543A1C373}/RP992/A0478724.dll
Login
 information: User 'SYSTEM' on host 'NAME-9CF4F91750'.
 
Error - 02.05.2010 15:54:15 | Computer Name = NAME-9CF4F91750 | Source = NormanNPT | ID = 131073
Description = Norman Message [2010/05/02 21:54:14]  --------------------------------------------------------
Application:
 NVC On-access Scanner  Node address: 217.228.96.11  --------------------------------------------------------

Warning
 message:   Virus missing:   Virus name: 'Smalltroj.YLOT'  File infected: C:/Alte Daten/Drive(F)/System
 Volume Information/_restore{4EA7DCED-C474-4611-AD9D-054543A1C373}/RP992/A0478734.dll
File
 quarantined: C:/Alte Daten/Drive(F)/System Volume Information/_restore{4EA7DCED-C474-4611-AD9D-054543A1C373}/RP992/A0478734.dll
Login
 information: User 'SYSTEM' on host 'NAME-9CF4F91750'.
 
Error - 02.05.2010 16:04:05 | Computer Name = NAME-9CF4F91750 | Source = NormanNPT | ID = 131073
Description = Norman Message [2010/05/02 22:04:05]  --------------------------------------------------------
Application:
 NVC On-access Scanner  Node address: 217.228.96.11  --------------------------------------------------------

Warning
 message:   Virus missing:   Virus name: 'Smalltroj.YLOT'  File infected: C:/Alte Daten/Drive(F)/Windows/ie8updates/KB969897-IE8/wininet.dll
File
 quarantined: C:/Alte Daten/Drive(F)/Windows/ie8updates/KB969897-IE8/wininet.dll
Login
 information: User 'SYSTEM' on host 'NAME-9CF4F91750'.
 
Error - 02.05.2010 16:28:05 | Computer Name = NAME-9CF4F91750 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.2.3743, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 02.05.2010 16:28:05 | Computer Name = NAME-9CF4F91750 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.2.3743, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 02.05.2010 16:51:41 | Computer Name = NAME-9CF4F91750 | Source = NormanNPT | ID = 131073
Description = Norman Message [2010/05/02 22:51:41]  --------------------------------------------------------
Application:
 NVC On-access Scanner  Node address: 217.228.96.11  --------------------------------------------------------

Warning
 message:   Virus missing:   Virus name: 'Smalltroj.YLOT'  File infected: C:/System Volume
 Information/_restore{3DBDB387-7509-4FD8-9380-E70EF9D34BF9}/RP260/A0052456.dll  File
 quarantined: C:/System Volume Information/_restore{3DBDB387-7509-4FD8-9380-E70EF9D34BF9}/RP260/A0052456.dll
Login
 information: User 'SYSTEM' on host 'NAME-9CF4F91750'.
 
Error - 02.05.2010 16:51:41 | Computer Name = NAME-9CF4F91750 | Source = NormanNPT | ID = 131073
Description = Norman Message [2010/05/02 22:51:41]  --------------------------------------------------------
Application:
 NVC On-access Scanner  Node address: 217.228.96.11  --------------------------------------------------------

Warning
 message:   Virus missing:   Virus name: 'Smalltroj.YLOT'  File infected: C:/System Volume
 Information/_restore{3DBDB387-7509-4FD8-9380-E70EF9D34BF9}/RP260/A0052458.dll  File
 quarantined: C:/System Volume Information/_restore{3DBDB387-7509-4FD8-9380-E70EF9D34BF9}/RP260/A0052458.dll
Login
 information: User 'SYSTEM' on host 'NAME-9CF4F91750'.
 
Error - 02.05.2010 16:51:41 | Computer Name = NAME-9CF4F91750 | Source = NormanNPT | ID = 131073
Description = Norman Message [2010/05/02 22:51:41]  --------------------------------------------------------
Application:
 NVC On-access Scanner  Node address: 217.228.96.11  --------------------------------------------------------

Warning
 message:   Virus missing:   Virus name: 'Smalltroj.YLOT'  File infected: C:/System Volume
 Information/_restore{3DBDB387-7509-4FD8-9380-E70EF9D34BF9}/RP260/A0052459.dll  File
 quarantined: C:/System Volume Information/_restore{3DBDB387-7509-4FD8-9380-E70EF9D34BF9}/RP260/A0052459.dll
Login
 information: User 'SYSTEM' on host 'NAME-9CF4F91750'.
 
Error - 02.05.2010 16:51:41 | Computer Name = NAME-9CF4F91750 | Source = NormanNPT | ID = 131073
Description = Norman Message [2010/05/02 22:51:41]  --------------------------------------------------------
Application:
 NVC On-access Scanner  Node address: 217.228.96.11  --------------------------------------------------------

Warning
 message:   Virus missing:   Virus name: 'Smalltroj.YLOT'  File infected: C:/System Volume
 Information/_restore{3DBDB387-7509-4FD8-9380-E70EF9D34BF9}/RP260/A0052457.dll  File
 quarantined: C:/System Volume Information/_restore{3DBDB387-7509-4FD8-9380-E70EF9D34BF9}/RP260/A0052457.dll
Login
 information: User 'SYSTEM' on host 'NAME-9CF4F91750'.
 
Error - 02.05.2010 17:05:03 | Computer Name = NAME-9CF4F91750 | Source = NormanNPT | ID = 131073
Description = Norman Message [2010/05/02 23:05:03]  --------------------------------------------------------
Application:
 NVC On-access Scanner  Node address: 217.228.96.11  --------------------------------------------------------

Warning
 message:   Virus missing:   Virus name: 'Smalltroj.YLOT'  File infected: C:/WINDOWS/ie8updates/KB972260-IE8/wininet.dll
File
 quarantined: C:/WINDOWS/ie8updates/KB972260-IE8/wininet.dll  Login information: User
 'SYSTEM' on host 'NAME-9CF4F91750'.
 
[ OSession Events ]
Error - 28.12.2009 04:02:15 | Computer Name = NAME-9CF4F91750 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = 
 
Error - 28.12.2009 04:03:15 | Computer Name = NAME-9CF4F91750 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = 
 
Error - 28.12.2009 04:03:31 | Computer Name = NAME-9CF4F91750 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = 
 
[ System Events ]
Error - 21.08.2010 09:30:48 | Computer Name = NAME-9CF4F91750 | Source = Print | ID = 6161
Description = Das Dokument Microsoft Word - Dokument2, im Besitz von User, konnte
 nicht auf dem Drucker PDF Genie 3 gedruckt werden. Datentyp: NT EMF 1.008. Größe
 der Warteschlangendatei in Bytes: 1507328. Anzahl der gedruckten Bytes: 1507328.
 Gesamtanzahl der Seiten des Dokuments: 1. Anzahl der gedruckten Seiten: 0. Clientcomputer:
 \\NAME-9CF4F91750. Vom Druckprozessor zurückgelieferter Win32-Fehlercode: 0 (0x0).
 
 
Error - 21.08.2010 09:31:12 | Computer Name = NAME-9CF4F91750 | Source = Print | ID = 6161
Description = Das Dokument Microsoft Word - Bäume.doc, im Besitz von User, konnte
 nicht auf dem Drucker PDF Genie 3 gedruckt werden. Datentyp: NT EMF 1.008. Größe
 der Warteschlangendatei in Bytes: 1507328. Anzahl der gedruckten Bytes: 1507328.
 Gesamtanzahl der Seiten des Dokuments: 1. Anzahl der gedruckten Seiten: 0. Clientcomputer:
 \\NAME-9CF4F91750. Vom Druckprozessor zurückgelieferter Win32-Fehlercode: 0 (0x0).
 
 
Error - 26.08.2010 14:08:26 | Computer Name = NAME-9CF4F91750 | Source = Print | ID = 6161
Description = Das Dokument Microsoft Word - Bäume.doc, im Besitz von User, konnte
 nicht auf dem Drucker PDF Genie 3 gedruckt werden. Datentyp: NT EMF 1.008. Größe
 der Warteschlangendatei in Bytes: 11599872. Anzahl der gedruckten Bytes: 11599872.
 Gesamtanzahl der Seiten des Dokuments: 8. Anzahl der gedruckten Seiten: 0. Clientcomputer:
 \\NAME-9CF4F91750. Vom Druckprozessor zurückgelieferter Win32-Fehlercode: 0 (0x0).
 
 
Error - 28.08.2010 16:05:19 | Computer Name = NAME-9CF4F91750 | Source = Print | ID = 6161
Description = Das Dokument Microsoft Word - Bäume1.doc, im Besitz von User, konnte
 nicht auf dem Drucker PDF Genie 3 gedruckt werden. Datentyp: NT EMF 1.008. Größe
 der Warteschlangendatei in Bytes: 4390912. Anzahl der gedruckten Bytes: 4390912.
 Gesamtanzahl der Seiten des Dokuments: 1. Anzahl der gedruckten Seiten: 0. Clientcomputer:
 \\NAME-9CF4F91750. Vom Druckprozessor zurückgelieferter Win32-Fehlercode: 0 (0x0).
 
 
Error - 29.08.2010 03:21:35 | Computer Name = NAME-9CF4F91750 | Source = Print | ID = 6161
Description = Das Dokument Microsoft Word - Bäume1.doc, im Besitz von User, konnte
 nicht auf dem Drucker PDF Genie 3 gedruckt werden. Datentyp: NT EMF 1.008. Größe
 der Warteschlangendatei in Bytes: 8716288. Anzahl der gedruckten Bytes: 8716288.
 Gesamtanzahl der Seiten des Dokuments: 2. Anzahl der gedruckten Seiten: 0. Clientcomputer:
 \\NAME-9CF4F91750. Vom Druckprozessor zurückgelieferter Win32-Fehlercode: 0 (0x0).
 
 
 
< End of report >
         
--- --- ---
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 31.08.2010 18:03:55 - Run 5
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Dokumente und Einstellungen\User\Eigene Dateien
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 0,95 Gb Free Space | 0,64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: NAME-9CF4F91750
Current User Name: User
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\User\Eigene Dateien\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Norman\nvc\bin\Nvcoas.exe (Norman ASA)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Norman\ngs\bin\nnf.exe (Norman ASA)
PRC - C:\Programme\Norman\Nse\Bin\Nsesvc.exe (Norman ASA)
PRC - C:\Programme\Crawler\CToolbar.exe (Crawler.com)
PRC - C:\Programme\Norman\Npm\Bin\Zanda.exe (Norman ASA)
PRC - C:\Programme\Norman\ngs\bin\nprosec.exe (Norman ASA)
PRC - C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
PRC - C:\Programme\Norman\Npm\Bin\nvoy.exe (Norman ASA)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Norman\Npm\Bin\Zlh.exe (Norman ASA)
PRC - C:\Programme\Norman\nvc\bin\Nip.exe (Norman ASA)
PRC - C:\Programme\Norman\Npm\Bin\scheduler.exe (Norman ASA)
PRC - C:\Programme\Norman\Npm\Bin\elogsvc.exe (Norman ASA)
PRC - C:\Programme\Norman\nvc\bin\CClaw.exe (Norman ASA)
PRC - C:\Programme\Norman\Npm\Bin\Njeeves.exe (Norman ASA)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Outlook Express\msimn.exe (Microsoft Corporation)
PRC - C:\Programme\Corel\Corel MediaOne\CorelIOMonitor.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)
PRC - C:\WINDOWS\system32\PSIService.exe ()
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\Programme\T-DSL SpeedManager\SpeedMgr.exe (T-Systems Nova, Berkom)
PRC - C:\Programme\T-DSL SpeedManager\TSMSvc.exe (T-Systems Nova, Berkom)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\User\Eigene Dateien\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Norman\nvc\bin\Niphk.dll (Norman ASA)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\shfolder.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (NVCScheduler) -- C:\Programme\Norman\Npm\Bin\Nvcsched.exe File not found
SRV - (nvcoas) -- C:\Programme\Norman\Nvc\Bin\nvcoas.exe (Norman ASA)
SRV - (NNFSVC) -- C:\Programme\Norman\Ngs\Bin\Nnf.exe (Norman ASA)
SRV - (nsesvc) -- C:\Programme\Norman\nse\bin\NSESVC.EXE (Norman ASA)
SRV - (Norman ZANDA) -- C:\Programme\Norman\Npm\Bin\Zanda.exe (Norman ASA)
SRV - (NPROSECSVC) -- C:\Programme\Norman\Ngs\Bin\Nprosec.exe (Norman ASA)
SRV - (NVOY) -- C:\Programme\Norman\npm\bin\nvoy.exe (Norman ASA)
SRV - (Scheduler) -- C:\Programme\Norman\Npm\Bin\scheduler.exe (Norman ASA)
SRV - (eLoggerSvc6) -- C:\Programme\Norman\Npm\Bin\Elogsvc.exe (Norman ASA)
SRV - (Norman NJeeves) -- C:\Programme\Norman\Npm\Bin\Njeeves.exe (Norman ASA)
SRV - (ProtexisLicensing) -- C:\WINDOWS\system32\PSIService.exe ()
SRV - (WPEServ) -- C:\Programme\Gemeinsame Dateien\WPE\wpeserv.exe (soft Xpansion)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (TSMService) -- C:\Programme\T-DSL SpeedManager\tsmsvc.exe (T-Systems Nova, Berkom)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (cpuz131) -- C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\cpuz131\cpuz_x32.sys File not found
DRV - (catchme) -- C:\DOKUME~1\User\LOKALE~1\Temp\catchme.sys File not found
DRV - (nregsec) -- C:\Programme\Norman\ngs\bin\nregsec.sys (Norman ASA)
DRV - (NPROSEC) -- C:\Programme\Norman\ngs\bin\nprosec.sys (Norman ASA)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM) -- C:\Programme\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (NGS) -- c:\Programme\Norman\ngs\bin\ngs.sys (Norman ASA)
DRV - (ACEDRV08) -- C:\WINDOWS\system32\drivers\ACEDRV08.sys (Protect Software GmbH)
DRV - (Ndiskio) -- C:\Programme\Norman\Nse\Bin\Ndiskio.sys (Norman ASA)
DRV - (NvcMFlt) -- C:\WINDOWS\system32\drivers\nvcw32mf.sys (Norman ASA)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (drhard) -- C:\WINDOWS\System32\drivers\drhard.sys (Licensed for Gebhard Software)
DRV - (TNPacket) -- C:\Programme\T-DSL SpeedManager\TNPACKET.SYS (T-Systems Nova GmbH)
DRV - (PCANDIS5) -- C:\Programme\T-DSL SpeedManager\PCANDIS5.SYS (Printing Communications Assoc., Inc. (PCAUSA))
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Toolbar
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWin0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://de.wikipedia.org/wiki/Benutzer:Rainer_Lippert"
FF - prefs.js..extensions.enabledItems: sparweltgutscheinewl@sparwelt.de:1.0
FF - prefs.js..extensions.enabledItems: {40c3cc16-7269-4b32-9531-17f2950fb06f}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.5.8.6
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.4.20081105
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:2.5.6.0
FF - prefs.js..keyword.URL: "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query="
 
 
FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Programme\Crawler\firefox\ [2010.06.04 18:14:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.08.15 16:29:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.08.28 22:14:34 | 000,000,000 | ---D | M]
 
[2009.08.27 14:04:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Extensions
[2010.08.30 18:51:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions
[2010.07.02 19:20:27 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010.04.03 22:39:17 | 000,000,000 | ---D | M] (Winload Toolbar) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
[2010.05.04 19:23:40 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.08.21 18:16:00 | 000,000,000 | ---D | M] (MyAshampoo Toolbar) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2010.03.27 20:55:22 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.03.28 18:13:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions\sparweltgutscheinewl@sparwelt.de
[2009.11.23 21:11:46 | 000,002,172 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\searchplugins\bing.xml
[2010.01.20 12:19:10 | 000,000,923 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\searchplugins\conduit.xml
[2010.03.07 00:11:13 | 000,001,250 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\searchplugins\winamp-search.xml
[2010.08.30 18:51:24 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.05.18 21:47:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.08.02 08:10:59 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.09.21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\crawlersrch.bak
[2007.07.26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.08.02 08:10:59 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.08.02 08:10:59 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.08.02 08:10:59 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.08.02 08:10:59 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.04.29 18:08:08 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWin0.dll (Conduit Ltd.)
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Programme\Winload\tbWin0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O3 - HKCU\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsof1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Programme\Corel\Corel MediaOne\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Programme\Corel\Corel MediaOne\Corel PhotoDownloader.exe File not found
O4 - HKLM..\Run: [Norman ZANDA] C:\Programme\Norman\Npm\Bin\ZLH.EXE (Norman ASA)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [T-DSL SpeedMgr] C:\Programme\T-DSL SpeedManager\SpeedMgr.exe (T-Systems Nova, Berkom)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [Getdo]  File not found
O4 - HKCU..\Run: [Icmblt] C:\Dokumente und Einstellungen\User\Anwendungsdaten\Adobe\Update\widvid.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108847
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108847
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Öffnen mit PDF Genie 3 - {722FE9B2-6895-42D9-9984-F4CB26616023} - C:\Programme\DATA BECKER\PDF Genie 3.0\pdfshell.dll (TODO: <Company name>)
O9 - Extra 'Tools' menuitem : Öffnen mit PDF Genie 3 - {722FE9B2-6895-42D9-9984-F4CB26616023} - C:\Programme\DATA BECKER\PDF Genie 3.0\pdfshell.dll (TODO: <Company name>)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Programme\Crawler\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Programme\SUPERAntiSpyware\SASWINLO.dll - C:\Programme\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.05 11:00:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = secfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.31 18:02:32 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Eigene Dateien\OTL.exe
[2010.08.28 15:38:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Helper
[2010.08.21 22:28:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\jpg-Illuminator
[2010.08.21 19:11:50 | 012,387,832 | ---- | C] (Google Inc.) -- C:\Dokumente und Einstellungen\User\Eigene Dateien\picasa36-setup(2).exe
[2010.08.21 18:55:48 | 010,831,352 | ---- | C] (Google Inc.) -- C:\Dokumente und Einstellungen\User\Eigene Dateien\picasa38_11545-setup.exe
[2010.08.21 18:16:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\MyAshampoo
[2010.08.21 18:16:07 | 000,000,000 | ---D | C] -- C:\Programme\MyAshampoo
[2010.08.21 17:21:23 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\User\Recent
[2010.08.21 17:17:41 | 003,420,304 | ---- | C] (Piriform Ltd) -- C:\Dokumente und Einstellungen\User\Eigene Dateien\ccsetup234.exe
[2010.08.17 22:45:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Winload
[2010.08.17 22:45:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\softonic-de3
[2010.08.17 22:44:41 | 000,376,136 | ---- | C] (Norman ASA) -- C:\WINDOWS\System32\drivers\tdi_nf.sys
[2010.08.17 22:44:41 | 000,067,664 | ---- | C] (Norman ASA) -- C:\WINDOWS\System32\drivers\ale_nf64.sys
[2010.08.17 22:44:41 | 000,060,960 | ---- | C] (Norman ASA) -- C:\WINDOWS\System32\drivers\ale_nf.sys
[2010.08.17 22:44:40 | 000,048,272 | ---- | C] (Norman ASA) -- C:\WINDOWS\System32\drivers\nnetsec.sys
[2010.08.17 22:44:40 | 000,034,192 | ---- | C] (Norman ASA) -- C:\WINDOWS\System32\drivers\nnetsecl64.sys
[2010.08.17 22:44:40 | 000,030,584 | ---- | C] (Norman ASA) -- C:\WINDOWS\System32\drivers\nnetsecl.sys
[2010.08.15 19:00:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\XnView
[2010.08.15 19:00:17 | 000,000,000 | ---D | C] -- C:\Programme\XnView
[2010.08.15 18:58:45 | 003,060,520 | ---- | C] (Gougelet Pierre-e                                           ) -- C:\Dokumente und Einstellungen\User\Eigene Dateien\XnView-win-de.exe
[2010.08.14 15:55:58 | 000,000,000 | ---D | C] -- C:\Programme\Paint.NET
[2010.08.14 15:55:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Paint.NET
[2010.08.02 20:01:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\.fontconfig
[4 C:\Dokumente und Einstellungen\User\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\User\Eigene Dateien\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.31 18:02:44 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Eigene Dateien\OTL.exe
[2010.08.31 17:42:51 | 000,000,870 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.31 17:42:49 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.08.31 17:42:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.31 17:42:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.08.31 09:08:20 | 005,242,880 | ---- | M] () -- C:\Dokumente und Einstellungen\User\ntuser.dat
[2010.08.31 09:08:20 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\User\ntuser.ini
[2010.08.31 08:37:05 | 000,000,874 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.31 08:00:00 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[2010.08.29 22:53:26 | 000,075,701 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\booksa.htm
[2010.08.29 22:51:34 | 010,905,983 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\lernort_geologie_modul_i.pdf
[2010.08.29 21:40:55 | 000,120,167 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\032.JPG
[2010.08.29 09:21:42 | 000,004,096 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\00000315.LCS
[2010.08.29 09:21:27 | 006,834,688 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Bäume1.doc
[2010.08.28 22:14:35 | 000,001,709 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
[2010.08.28 15:39:03 | 000,002,181 | ---- | M] () -- C:\WINDOWS\Helicon Debug Window.ini
[2010.08.27 19:41:48 | 008,523,264 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Bäume.doc
[2010.08.24 19:15:04 | 000,001,616 | -H-- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\.picasa.ini
[2010.08.24 19:14:01 | 001,698,562 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Schellenberger Eishöhle1.jpg
[2010.08.24 19:08:40 | 000,598,723 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Schellenberger Eishöhle.jpg
[2010.08.24 19:06:31 | 000,000,680 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG
[2010.08.23 18:57:24 | 000,000,848 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010.08.23 18:54:40 | 005,779,885 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\JPG-Illuminator_v42(3).zip
[2010.08.22 20:22:27 | 005,779,885 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\JPG-Illuminator_v42(2).zip
[2010.08.22 10:27:04 | 005,413,962 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\JPG-Illuminator_v39.zip
[2010.08.22 08:21:43 | 000,004,397 | ---- | M] () -- C:\Dokumente und Einstellungen\User\.recently-used.xbel
[2010.08.21 22:26:08 | 005,779,885 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\JPG-Illuminator_v42.zip
[2010.08.21 19:18:41 | 000,000,731 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Picasa 3.lnk
[2010.08.21 19:16:17 | 012,387,832 | ---- | M] (Google Inc.) -- C:\Dokumente und Einstellungen\User\Eigene Dateien\picasa36-setup(2).exe
[2010.08.21 19:03:14 | 010,831,352 | ---- | M] (Google Inc.) -- C:\Dokumente und Einstellungen\User\Eigene Dateien\picasa38_11545-setup.exe
[2010.08.21 17:19:40 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\CCleaner.lnk
[2010.08.21 17:18:51 | 003,420,304 | ---- | M] (Piriform Ltd) -- C:\Dokumente und Einstellungen\User\Eigene Dateien\ccsetup234.exe
[2010.08.21 16:52:12 | 000,030,720 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.17 22:45:58 | 000,008,224 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.08.16 22:52:25 | 000,674,816 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\hoehle_index.xls
[2010.08.16 07:26:15 | 000,329,888 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.08.15 19:00:53 | 000,000,586 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\XnView.lnk
[2010.08.15 18:59:47 | 003,060,520 | ---- | M] (Gougelet Pierre-e                                           ) -- C:\Dokumente und Einstellungen\User\Eigene Dateien\XnView-win-de.exe
[2010.08.14 21:08:03 | 000,039,936 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Die Schellenberger Eishöhle ist die einzige Schauhöhle in den Berchtesgadener Alpen.doc
[2010.08.14 15:56:17 | 000,000,840 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Paint.NET.lnk
[2010.08.12 08:23:03 | 001,025,000 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.08.12 08:23:03 | 000,459,152 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.08.12 08:23:03 | 000,441,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.08.12 08:23:03 | 000,084,524 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.08.12 08:23:03 | 000,071,196 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.08.11 22:18:34 | 000,033,280 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Fröhlich.doc
[2010.08.08 21:53:53 | 000,176,128 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Baumberechnung.xls
[2010.08.07 22:26:48 | 000,025,997 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Urlaub 2010 783-Urlaub 2010 789 -B.pto.mk
[2010.08.07 22:26:48 | 000,025,283 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Urlaub 2010 783-Urlaub 2010 789.pto.mk
[2010.08.07 22:26:48 | 000,016,567 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Urlaub 2010 783-Urlaub 2010 789 -B.pto
[2010.08.07 22:26:48 | 000,016,566 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Urlaub 2010 783-Urlaub 2010 789.pto
[2010.08.04 20:45:08 | 000,001,099 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\ShiftN.ini
[4 C:\Dokumente und Einstellungen\User\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\User\Eigene Dateien\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.08.29 22:53:26 | 000,075,701 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\booksa.htm
[2010.08.29 22:51:19 | 010,905,983 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\lernort_geologie_modul_i.pdf
[2010.08.28 19:53:51 | 006,834,688 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Bäume1.doc
[2010.08.28 19:42:08 | 000,120,167 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\032.JPG
[2010.08.24 19:13:37 | 001,698,562 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Schellenberger Eishöhle1.jpg
[2010.08.24 19:08:18 | 000,598,723 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Schellenberger Eishöhle.jpg
[2010.08.23 18:52:39 | 005,779,885 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\JPG-Illuminator_v42(3).zip
[2010.08.22 20:22:23 | 005,779,885 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\JPG-Illuminator_v42(2).zip
[2010.08.22 10:25:23 | 005,413,962 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\JPG-Illuminator_v39.zip
[2010.08.22 08:21:43 | 000,004,397 | ---- | C] () -- C:\Dokumente und Einstellungen\User\.recently-used.xbel
[2010.08.21 22:24:06 | 005,779,885 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\JPG-Illuminator_v42.zip
[2010.08.21 19:04:07 | 000,000,731 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Picasa 3.lnk
[2010.08.21 15:31:03 | 008,523,264 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Bäume.doc
[2010.08.16 22:52:13 | 000,674,816 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\hoehle_index.xls
[2010.08.15 19:00:20 | 000,000,586 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\XnView.lnk
[2010.08.14 21:08:02 | 000,039,936 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Die Schellenberger Eishöhle ist die einzige Schauhöhle in den Berchtesgadener Alpen.doc
[2010.08.14 15:56:17 | 000,000,840 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Paint.NET.lnk
[2010.08.09 22:38:28 | 000,033,280 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Fröhlich.doc
[2010.08.08 21:53:53 | 000,176,128 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Baumberechnung.xls
[2010.08.07 22:26:48 | 000,025,997 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Urlaub 2010 783-Urlaub 2010 789 -B.pto.mk
[2010.08.07 22:26:48 | 000,025,283 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Urlaub 2010 783-Urlaub 2010 789.pto.mk
[2010.08.07 22:26:48 | 000,016,567 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Urlaub 2010 783-Urlaub 2010 789 -B.pto
[2010.08.07 22:26:48 | 000,016,566 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Urlaub 2010 783-Urlaub 2010 789.pto
[2010.06.17 17:36:33 | 000,000,848 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010.04.25 20:58:32 | 000,014,806 | -HS- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\W1V4gTA17lv6V
[2009.11.19 12:08:19 | 000,002,181 | ---- | C] () -- C:\WINDOWS\Helicon Debug Window.ini
[2009.11.12 16:17:27 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009.11.09 20:39:54 | 000,016,070 | ---- | C] () -- C:\WINDOWS\German2.ini
[2009.10.20 16:06:18 | 000,030,720 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.09.04 18:20:27 | 000,001,099 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\ShiftN.ini
[2009.08.29 16:43:24 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2009.08.29 16:43:23 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2009.08.27 16:26:42 | 000,000,879 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpzinstall.log
[2009.08.27 16:26:23 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2009.08.27 08:37:38 | 000,000,403 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.08.21 18:13:22 | 000,000,090 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.08.21 18:07:25 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009.06.05 11:51:16 | 000,002,480 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009.06.05 11:48:04 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009.06.05 11:23:11 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009.06.05 11:07:54 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 400 bytes -> C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\desktop.ini:bf5af20ce7a419b1178ece347eddc338
@Alternate Data Stream - 137 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A5B56640
< End of report >
         
--- --- ---
__________________

Alt 31.08.2010, 20:20   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internetverbindung wird ständig selbstständig unterbrochen - Standard

Internetverbindung wird ständig selbstständig unterbrochen



Zitat:
Bei einem anderen müsste ich mich erst einarbeiten.
mach das mal. Outlook Express ist nicht mehr zeitgemäß und gibt es auch so ab Windows Vista schon nicht mehr. Mit Mozilla Thunderbird machst Du nichts falsch und die Umgewöhnung hält sich stark in Grenzen.


Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
O4 - HKCU..\Run: [Getdo]  File not found
O4 - HKCU..\Run: [Icmblt] C:\Dokumente und Einstellungen\User\Anwendungsdaten\Adobe\Update\widvid.exe ()
[2010.04.25 20:58:32 | 000,014,806 | -HS- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\W1V4gTA17lv6V
@Alternate Data Stream - 400 bytes -> C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\desktop.ini:bf5af20ce7a419b1178ece347eddc338
@Alternate Data Stream - 137 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A5B56640
:Commands
[purity]
[resethosts]
[emptytemp]
         
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 31.08.2010, 20:55   #5
Rainer2
 
Internetverbindung wird ständig selbstständig unterbrochen - Standard

Internetverbindung wird ständig selbstständig unterbrochen



Hallo,

mein Hauptproplem ist dort wohl erstmal die, dass ich Überhaupt E-Mails abrufen und verschicken kann. Das muss ja alles erstmal eingerichtet werden? Denke ich zumindest.

Hier nun das gewünschte Logfile:

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Getdo deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Icmblt deleted successfully.
C:\Dokumente und Einstellungen\User\Anwendungsdaten\Adobe\Update\widvid.exe moved successfully.
C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\W1V4gTA17lv6V moved successfully.
ADS C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\desktop.ini:bf5af20ce7a419b1178ece347eddc338 deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A5B56640 deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 52570384 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: User
->Temp folder emptied: 198692537 bytes
->Temporary Internet Files folder emptied: 28532042 bytes
->Java cache emptied: 967586 bytes
->FireFox cache emptied: 98981008 bytes
->Flash cache emptied: 4824 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 36720931 bytes
RecycleBin emptied: 1008963 bytes

Total Files Cleaned = 398,00 mb


OTL by OldTimer - Version 3.2.11.0 log created on 08312010_214943

Files\Folders moved on Reboot...
File move failed. C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temp\nvcbin.def.9c09ba42.tmp scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Viele Grüße,

Rainer


Alt 31.08.2010, 21:01   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internetverbindung wird ständig selbstständig unterbrochen - Standard

Internetverbindung wird ständig selbstständig unterbrochen



Zitat:
mein Hauptproplem ist dort wohl erstmal die, dass ich Überhaupt E-Mails abrufen und verschicken kann. Das muss ja alles erstmal eingerichtet werden? Denke ich zumindest.
Das richtet Thunderbird 3.1.x automatisch ein. Du kannst auch alle Mails von OjE in Thunderbird importieren und natürlich beides parallel installiert haben.


Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.
__________________
--> Internetverbindung wird ständig selbstständig unterbrochen

Alt 31.08.2010, 21:37   #7
Rainer2
 
Internetverbindung wird ständig selbstständig unterbrochen - Standard

Internetverbindung wird ständig selbstständig unterbrochen



Hallo,

ich habe jetzt Thunderbird installiert. Er hat wohl auch alle Einstellungen übernommen. Jetzt fragt er mich aber nach dem Passwort zu meiner E-Mail Adresse. Die kenne ich aber nicht.

Beim ausführen von ComboFix bekam ich die Meldung, dass der Virenschutz aktiviert ist. Aber wie kann ich den abschalten? Ich habe im Virenprogramm gesucht. Wenn ich da ein Häckchen rausnehme, bekomme ich gleich den Warnhinweis, ob ich es deinstallieren will. Kann ich das alles einfach so deinstallieren? Wie wird das danach wieder aktiviert?

Viele Grüße,

Rainer

Alt 31.08.2010, 21:53   #8
Rainer2
 
Internetverbindung wird ständig selbstständig unterbrochen - Standard

Internetverbindung wird ständig selbstständig unterbrochen



Hallo,

der Scan wurde jetzt, obwohl ich nicht bestätigt habe, dennoch durchgeführt. trotz laufenden Virenscanner. Hier das Logfile.

Viele Grüße,

Rainer

ComboFix 10-08-31.01 - User 31.08.2010 22:43:30.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2037.1210 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\User\Eigene Dateien\A\cofi.exe
AV: Norman Security Suite *On-access scanning enabled* (Updated) {EB9EFB40-AE72-4C43-B204-0FCD0E92D5F1}
* Im Speicher befindliches AV aktiv.

.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\AUTOLNCH.REG

.
((((((((((((((((((((((( Dateien erstellt von 2010-07-28 bis 2010-08-31 ))))))))))))))))))))))))))))))
.

2010-08-31 20:05 . 2010-08-31 20:05 -------- d-----w- c:\dokumente und einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Thunderbird
2010-08-31 20:05 . 2010-08-31 20:05 -------- d-----w- c:\dokumente und einstellungen\User\Anwendungsdaten\Thunderbird
2010-08-31 20:05 . 2010-08-31 20:05 -------- d-----w- c:\programme\Mozilla Thunderbird
2010-08-28 13:38 . 2010-08-28 13:38 -------- d-----w- c:\dokumente und einstellungen\User\Anwendungsdaten\Helper
2010-08-21 20:28 . 2010-08-21 20:28 -------- d-----w- c:\dokumente und einstellungen\User\Anwendungsdaten\jpg-Illuminator
2010-08-21 16:16 . 2010-08-29 19:47 -------- d-----w- c:\dokumente und einstellungen\User\Lokale Einstellungen\Anwendungsdaten\MyAshampoo
2010-08-21 16:16 . 2010-08-21 16:16 -------- d-----w- c:\programme\MyAshampoo
2010-08-21 16:16 . 2010-01-20 10:19 52224 ----a-w- c:\dokumente und einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
2010-08-21 16:16 . 2010-01-20 10:19 101376 ----a-w- c:\dokumente und einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
2010-08-17 20:45 . 2010-08-17 20:45 -------- d-----w- c:\dokumente und einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Winload
2010-08-17 20:45 . 2010-08-17 20:45 -------- d-----w- c:\dokumente und einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\softonic-de3
2010-08-17 20:45 . 2010-08-17 20:45 -------- d-----r- c:\dokumente und einstellungen\NetworkService\Favoriten
2010-08-17 20:44 . 2010-05-19 07:37 67664 ----a-w- c:\windows\system32\drivers\ale_nf64.sys
2010-08-17 20:44 . 2010-05-19 07:36 60960 ----a-w- c:\windows\system32\drivers\ale_nf.sys
2010-08-17 20:44 . 2010-05-10 08:13 376136 ----a-w- c:\windows\system32\drivers\tdi_nf.sys
2010-08-17 20:44 . 2010-06-21 12:54 48272 ----a-w- c:\windows\system32\drivers\nnetsec.sys
2010-08-17 20:44 . 2010-05-28 10:40 30584 ----a-w- c:\windows\system32\drivers\nnetsecl.sys
2010-08-17 20:44 . 2010-05-25 12:28 34192 ----a-w- c:\windows\system32\drivers\nnetsecl64.sys
2010-08-15 17:00 . 2010-08-21 16:43 -------- d-----w- c:\dokumente und einstellungen\User\Anwendungsdaten\XnView
2010-08-15 17:00 . 2010-08-15 17:00 -------- d-----w- c:\programme\XnView
2010-08-14 13:55 . 2010-08-14 13:56 -------- d-----w- c:\programme\Paint.NET
2010-08-14 13:55 . 2010-08-26 17:33 -------- d-----w- c:\dokumente und einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Paint.NET
2010-08-05 21:16 . 2010-08-05 21:16 503808 ----a-w- c:\dokumente und einstellungen\User\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1946db42-n\msvcp71.dll
2010-08-05 21:16 . 2010-08-05 21:16 499712 ----a-w- c:\dokumente und einstellungen\User\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1946db42-n\jmc.dll
2010-08-05 21:16 . 2010-08-05 21:16 348160 ----a-w- c:\dokumente und einstellungen\User\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1946db42-n\msvcr71.dll
2010-08-05 21:16 . 2010-08-05 21:16 61440 ----a-w- c:\dokumente und einstellungen\User\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-167f9a64-n\decora-sse.dll
2010-08-05 21:16 . 2010-08-05 21:16 12800 ----a-w- c:\dokumente und einstellungen\User\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-167f9a64-n\decora-d3d.dll
2010-08-02 18:01 . 2010-08-02 18:01 -------- d-----w- c:\dokumente und einstellungen\User\.fontconfig

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-31 20:17 . 2010-05-05 19:36 -------- d-----w- c:\programme\Crawler
2010-08-29 19:42 . 2010-06-17 15:36 -------- d-----w- c:\dokumente und einstellungen\User\Anwendungsdaten\Corel
2010-08-26 21:10 . 2009-10-01 19:36 117760 ----a-w- c:\dokumente und einstellungen\User\Anwendungsdaten\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-08-23 16:57 . 2010-06-17 15:36 848 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-08-22 06:21 . 2009-10-09 14:29 -------- d-----w- c:\dokumente und einstellungen\User\Anwendungsdaten\gtk-2.0
2010-08-21 16:35 . 2010-06-30 20:20 -------- d---a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP
2010-08-21 15:20 . 2009-11-12 14:16 -------- d-----w- c:\programme\Gemeinsame Dateien\Panasonic
2010-08-21 15:20 . 2009-11-12 14:13 -------- d-----w- c:\programme\Panasonic
2010-08-21 15:20 . 2009-06-05 09:22 -------- d--h--w- c:\programme\InstallShield Installation Information
2010-08-21 15:19 . 2009-09-18 21:15 -------- d-----w- c:\programme\CCleaner
2010-08-17 20:45 . 2009-08-21 16:07 8224 ----a-w- c:\dokumente und einstellungen\User\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2010-08-17 20:45 . 2009-08-27 08:13 -------- d-----w- c:\programme\Norman
2010-08-12 06:23 . 2009-06-05 09:51 84524 ----a-w- c:\windows\system32\perfc007.dat
2010-08-12 06:23 . 2009-06-05 09:51 459152 ----a-w- c:\windows\system32\perfh007.dat
2010-08-03 05:15 . 2009-08-26 12:18 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\NOS
2010-06-30 12:28 . 2009-06-05 09:51 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:22 . 2009-06-05 09:51 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2009-06-05 09:51 1852032 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2009-06-05 09:51 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2009-06-05 09:51 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2009-06-05 08:59 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:41 . 2009-06-05 09:51 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-03 02:41 . 2010-06-03 02:41 3600384 ----a-w- c:\windows\system32\GPhotos.scr
.

((((((((((((((((((((((((((((( SnapShot@2010-04-29_20.21.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 22:02 . 2009-07-11 22:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
- 2007-11-07 01:19 . 2007-11-07 01:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2007-11-07 00:19 . 2007-11-07 00:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
- 2008-07-29 05:07 . 2008-07-29 05:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 04:07 . 2008-07-29 04:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
- 2008-07-29 05:07 . 2008-07-29 05:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2008-07-29 04:07 . 2008-07-29 04:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2009-07-11 18:54 . 2009-07-11 18:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-11 18:32 . 2009-07-11 18:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2010-04-25 14:54 . 2010-04-25 14:54 56656 c:\windows\WinSxS\amd64_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_22d6ba8a\vcomp90.dll
+ 2009-07-11 20:14 . 2009-07-11 20:14 67072 c:\windows\WinSxS\amd64_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d7860533\mfcm90u.dll
+ 2009-07-11 20:14 . 2009-07-11 20:14 67072 c:\windows\WinSxS\amd64_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d7860533\mfcm90.dll
+ 2010-08-31 19:52 . 2010-08-31 19:52 16384 c:\windows\Temp\Perflib_Perfdata_ff0.dat
+ 2010-08-31 19:51 . 2010-08-31 19:51 16384 c:\windows\Temp\Perflib_Perfdata_6a8.dat
+ 2009-06-05 09:51 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
- 2009-06-05 09:51 . 2010-01-23 08:11 46080 c:\windows\system32\tzchange.exe
+ 2010-03-30 22:16 . 2010-03-30 22:16 99176 c:\windows\system32\PresentationHostProxy.dll
- 2009-06-05 09:51 . 2010-03-30 20:44 71196 c:\windows\system32\perfc009.dat
+ 2009-06-05 09:51 . 2010-08-12 06:23 71196 c:\windows\system32\perfc009.dat
+ 2009-11-06 23:07 . 2009-11-06 23:07 49488 c:\windows\system32\netfxperf.dll
+ 2009-11-05 20:17 . 2009-11-05 20:17 11600 c:\windows\system32\mui\0409\mscorees.dll
- 2009-03-08 02:31 . 2010-02-25 06:15 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 02:31 . 2010-06-24 12:21 55296 c:\windows\system32\msfeedsbs.dll
- 2009-06-05 09:51 . 2010-02-25 06:15 25600 c:\windows\system32\jsproxy.dll
+ 2009-06-05 09:51 . 2010-06-24 12:21 25600 c:\windows\system32\jsproxy.dll
+ 2010-07-02 16:37 . 2009-04-17 13:48 18304 c:\windows\system32\DRVSTORE\grmnusb_8E661E05CC789A6D1B8ABAA087CF60EDD72AC35D\I386\grmngen.sys
- 2009-08-27 08:14 . 2009-10-08 10:59 21832 c:\windows\system32\drivers\nvcw32mf.sys
+ 2009-08-27 08:14 . 2009-10-09 09:22 21832 c:\windows\system32\drivers\nvcw32mf.sys
- 2009-09-30 06:30 . 2010-03-29 22:46 38224 c:\windows\system32\drivers\mbamswissarmy.sys
+ 2009-09-30 06:30 . 2010-04-29 13:39 38224 c:\windows\system32\drivers\mbamswissarmy.sys
+ 2009-09-30 06:30 . 2010-04-29 13:39 20952 c:\windows\system32\drivers\mbam.sys
+ 2009-08-28 17:53 . 2009-04-17 18:48 18304 c:\windows\system32\drivers\grmngen.sys
+ 2009-08-26 12:27 . 2010-06-24 12:22 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-08-26 12:27 . 2010-02-25 06:15 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-08-26 12:27 . 2010-02-25 06:15 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-08-26 12:27 . 2010-06-24 12:21 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-06-05 09:51 . 2010-06-24 12:21 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2009-06-05 09:51 . 2010-02-25 06:15 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-06-05 09:51 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2009-06-05 09:51 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll
- 2008-07-29 17:16 . 2008-07-29 17:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2010-03-23 03:31 . 2010-03-23 03:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2010-04-01 09:42 . 2010-04-01 09:42 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2008-05-27 23:30 . 2008-05-27 23:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-03-31 13:32 . 2010-03-31 13:32 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-20 17:19 . 2003-02-20 17:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-03-31 13:32 . 2010-03-31 13:32 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2010-06-20 10:32 . 2010-06-20 10:32 22528 c:\windows\Installer\116939f.msi
+ 2010-08-14 13:56 . 2010-08-14 13:56 77610 c:\windows\Installer\{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}\_853F67D554F05449430E7E.exe
+ 2010-06-20 10:46 . 2010-06-20 10:46 25214 c:\windows\Installer\{C2D129C0-7508-11DF-9F1B-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-06-20 10:46 . 2010-06-20 10:46 25214 c:\windows\Installer\{C2D129C0-7508-11DF-9F1B-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-06-20 10:46 . 2010-06-20 10:46 25214 c:\windows\Installer\{C2D129C0-7508-11DF-9F1B-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-06-20 10:46 . 2010-06-20 10:46 25214 c:\windows\Installer\{C2D129C0-7508-11DF-9F1B-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-06-20 10:46 . 2010-06-20 10:46 25214 c:\windows\Installer\{C2D129C0-7508-11DF-9F1B-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-06-20 10:46 . 2010-06-20 10:46 25214 c:\windows\Installer\{C2D129C0-7508-11DF-9F1B-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-06-20 10:46 . 2010-06-20 10:46 25214 c:\windows\Installer\{C2D129C0-7508-11DF-9F1B-005056806466}\ARPPRODUCTICON.exe
+ 2010-06-17 15:30 . 2010-06-17 16:16 22486 c:\windows\Installer\{3C569633-C8DE-46E2-BB8F-F65198681C2F}\SnapfireIcon_Corel.exe
+ 2010-06-17 15:30 . 2010-06-17 16:16 22486 c:\windows\Installer\{3C569633-C8DE-46E2-BB8F-F65198681C2F}\NewShortcut1.73D5A293_D496_4B44_B535_AA8F98088895.exe
+ 2010-06-17 15:30 . 2010-06-17 16:16 22486 c:\windows\Installer\{3C569633-C8DE-46E2-BB8F-F65198681C2F}\ARPPRODUCTICON.exe
+ 2010-06-17 15:31 . 2010-06-17 15:31 61440 c:\windows\Installer\{0C180787-F8C8-42FD-A9D3-689BA44BEAAF}\NewShortcut2.exe_B0CC61734F2E4C55A2D9A01743709D0D_1.exe
+ 2010-06-17 15:31 . 2010-06-17 15:31 61440 c:\windows\Installer\{0C180787-F8C8-42FD-A9D3-689BA44BEAAF}\NewShortcut1_B0CC61734F2E4C55A2D9A01743709D0D_1.exe
+ 2010-06-17 15:31 . 2010-06-17 15:31 61440 c:\windows\Installer\{0C180787-F8C8-42FD-A9D3-689BA44BEAAF}\ARPPRODUCTICON.exe
+ 2007-08-21 09:50 . 2007-08-21 09:50 73032 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\photoupload.exe
+ 2007-08-21 09:50 . 2007-08-21 09:50 75624 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\iglzw15d.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 28488 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\email.exe
+ 2007-08-21 09:50 . 2007-08-21 09:50 27464 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\coresingletonmgr.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 66376 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\corememory.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 42824 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\corelanguage.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 29512 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\coreerrorcodes.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 83272 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\camwia.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 77824 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\am.dll
+ 2010-06-10 06:17 . 2010-02-25 06:15 12800 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2010-06-10 06:17 . 2010-02-25 06:15 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2010-06-10 06:17 . 2010-02-25 06:15 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
+ 2010-08-12 06:20 . 2010-05-06 10:31 12800 c:\windows\ie8updates\KB2183461-IE8\xpshims.dll
+ 2010-08-12 06:20 . 2010-05-06 10:31 55296 c:\windows\ie8updates\KB2183461-IE8\msfeedsbs.dll
+ 2010-08-12 06:20 . 2010-05-06 10:31 25600 c:\windows\ie8updates\KB2183461-IE8\jsproxy.dll
+ 2010-06-10 21:15 . 2010-06-10 21:15 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_4de44b61\System.Drawing.Design.dll
+ 2010-06-10 21:14 . 2010-06-10 21:14 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_64756d22\CustomMarshalers.dll
+ 2010-08-14 13:56 . 2010-08-14 13:56 24576 c:\windows\assembly\NativeImages_v2.0.50727_32\WiaProxy32\b4fc4692486f393c43bd0e904337006c\WiaProxy32.ni.exe
+ 2010-08-12 16:06 . 2010-08-12 16:06 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\aada360296a42e0413579a19c771ec2d\System.Web.DynamicData.Design.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll
+ 2010-08-12 16:07 . 2010-08-12 16:07 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe
+ 2010-08-12 06:24 . 2010-08-12 06:24 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 55808 c:\windows\assembly\NativeImages_v2.0.50727_32\PHOTOfunSTUDIO\3de4448bee2d27bfca983e86005df7bd\PHOTOfunSTUDIO.ni.exe
+ 2010-08-12 16:12 . 2010-08-12 16:12 19456 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\32bc8f9c41c3a5f28363abf6a387efdd\Panasonic.Framework.Extension.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 35328 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\e25b8802ae26c7b0b7014d6e2377922f\Panasonic.Core.Spec.Plugin.StillPicture.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 97792 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\86d6f7c13679ba7e24d9bff1615e27b4\Panasonic.Core.Spec.Plugin.Utility.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 31232 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\6faad71c7322dcfb61cd61224cac7285\Panasonic.Core.Spec.PluginFactory.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 78336 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Help#\e8faafc0a52b902e89da2a75ee498061\Panasonic.Core.Helper.UAC.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 72704 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Help#\18917f2d47713228f344c966d4117d45\Panasonic.Core.Helper.AutoPlay.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 20992 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Core#\700c47344a915ee92cf58a2d0d10c0dc\Panasonic.Core.CoreException.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll
+ 2010-08-12 16:06 . 2010-08-12 16:06 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\272d51526813ea113970b8e890c92ee2\Microsoft.VisualC.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 36352 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\7f61cf4c3892b0ff2ac1b3ea9d39144d\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 18944 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\757619ca9b5548f90bc6a9aadd7ba7ec\Microsoft.PowerShell.Commands.Management.resource s.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 16896 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\546bc5d4ed9d8c41e0c53321177afd8b\Microsoft.PowerShell.Security.resources.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 31232 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\26ad092d5c50f4390fb38334dca6e45a\Microsoft.PowerShell.Commands.Utility.resources.n i.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll
+ 2010-08-12 06:24 . 2010-08-12 06:24 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll
+ 2010-08-14 13:56 . 2010-08-14 13:56 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WIA\9635ebb159cfd1fdeada9e92dbb06347\Interop.WIA.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe
+ 2010-08-12 16:11 . 2010-08-12 16:11 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\CResourceReader\bff29a46e48b95291750b06ca610a1d6\CResourceReader.ni.dll
+ 2010-08-12 16:11 . 2010-08-12 16:11 85504 c:\windows\assembly\NativeImages_v2.0.50727_32\CRegistryAccess\799b05c45ba93d0ebd916a7133318157\CRegistryAccess.ni.dll
+ 2010-08-12 16:11 . 2010-08-12 16:11 97792 c:\windows\assembly\NativeImages_v2.0.50727_32\CLicenseAgreementDlg\10a758234bb2edf0fd22da0a2a6f8a4e\CLicenseAgreementDlg.ni.dll
+ 2010-08-12 16:07 . 2010-08-12 16:07 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-08-26 12:34 . 2009-08-26 12:34 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-06-10 21:13 . 2010-06-10 21:13 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-06-10 21:14 . 2010-06-10 21:14 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-05-26 06:08 . 2010-01-23 08:11 46080 c:\windows\$NtUninstallKB981793$\tzchange.exe
+ 2010-05-26 06:08 . 2010-04-22 22:21 16896 c:\windows\$NtUninstallKB981793$\spuninst\tzchange.dll
+ 2010-06-10 06:15 . 2008-04-14 12:00 65024 c:\windows\$NtUninstallKB979482$\asycfilt.dll
+ 2010-06-10 06:17 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB982381-IE8\update\spcustom.dll
+ 2010-06-10 06:17 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB982381-IE8\spmsg.dll
+ 2010-06-10 06:10 . 2010-05-06 10:26 12800 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\xpshims.dll
+ 2010-06-10 06:10 . 2010-05-06 10:26 55296 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\msfeedsbs.dll
+ 2010-06-10 06:10 . 2010-05-06 10:26 25600 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\jsproxy.dll
+ 2010-06-10 21:17 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB980218\update\spcustom.dll
+ 2010-06-10 21:17 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB980218\spmsg.dll
+ 2010-06-10 06:18 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB980195\update\spcustom.dll
+ 2010-06-10 06:18 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB980195\spmsg.dll
+ 2010-06-10 06:17 . 2009-05-26 09:01 26488 c:\windows\$hf_mig$\KB979559\update\spcustom.dll
+ 2010-06-10 06:17 . 2009-05-26 09:01 18808 c:\windows\$hf_mig$\KB979559\spmsg.dll
+ 2010-06-10 06:15 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB979482\update\spcustom.dll
+ 2010-06-10 06:15 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB979482\spmsg.dll
+ 2010-03-05 14:50 . 2010-03-05 14:50 65536 c:\windows\$hf_mig$\KB979482\SP3QFE\asycfilt.dll
+ 2010-05-12 06:13 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB978542\update\spcustom.dll
+ 2010-05-12 06:13 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB978542\spmsg.dll
+ 2010-06-10 06:15 . 2008-07-08 13:00 26488 c:\windows\$hf_mig$\KB975562\update\spcustom.dll
+ 2010-06-10 06:15 . 2008-07-08 13:00 18808 c:\windows\$hf_mig$\KB975562\spmsg.dll
+ 2010-07-16 11:20 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB2229593\update\spcustom.dll
+ 2010-07-16 11:20 . 2009-05-26 11:40 18808 c:\windows\$hf_mig$\KB2229593\spmsg.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2010-05-01 19:46 . 2001-08-18 02:54 5632 c:\windows\system32\ptpusb.dll
+ 2010-07-02 16:37 . 2009-04-17 13:48 9344 c:\windows\system32\DRVSTORE\grmnusb_8E661E05CC789A6D1B8ABAA087CF60EDD72AC35D\I386\grmnusb.sys
+ 2009-08-28 17:53 . 2009-04-17 18:48 9344 c:\windows\system32\drivers\grmnusb.sys
+ 2010-06-17 15:30 . 2010-06-17 16:16 8854 c:\windows\Installer\{3C569633-C8DE-46E2-BB8F-F65198681C2F}\ShortcutUninstall.exe
- 2009-10-15 07:10 . 2009-10-15 07:10 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-11 22:05 . 2009-07-11 22:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 01:54 . 2008-07-29 01:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
- 2008-07-29 02:54 . 2008-07-29 02:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2009-07-11 20:11 . 2009-07-11 20:11 624448 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_069f922e\msvcr90.dll
+ 2009-07-11 20:11 . 2009-07-11 20:11 853312 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_069f922e\msvcp90.dll
+ 2009-07-11 20:14 . 2009-07-11 20:14 245760 c:\windows\WinSxS\amd64_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_069f922e\msvcm90.dll
+ 2010-04-25 14:54 . 2010-04-25 14:54 176456 c:\windows\WinSxS\amd64_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_673f7fa2\atl90.dll
+ 2010-04-25 14:53 . 2010-04-25 14:53 323624 c:\windows\system32\wiaaut.dll
+ 2009-09-28 20:05 . 2010-05-03 17:40 149752 c:\windows\system32\Restore\rstrlog.dat
+ 2007-04-04 15:08 . 2007-04-04 15:08 158456 c:\windows\system32\pxwma.dll
+ 2010-05-01 19:46 . 2008-04-14 05:52 159232 c:\windows\system32\ptpusd.dll
+ 2007-06-05 11:20 . 2007-06-05 11:20 177704 c:\windows\system32\PSIService.exe
+ 2010-03-30 22:10 . 2010-03-30 22:10 295264 c:\windows\system32\PresentationHost.exe
- 2009-06-05 09:51 . 2010-03-30 20:44 441260 c:\windows\system32\perfh009.dat
+ 2009-06-05 09:51 . 2010-08-12 06:23 441260 c:\windows\system32\perfh009.dat
- 2009-06-05 09:51 . 2010-02-25 06:15 206848 c:\windows\system32\occache.dll
+ 2009-06-05 09:51 . 2010-06-24 12:22 206848 c:\windows\system32\occache.dll
- 2009-08-27 08:14 . 2009-10-07 12:07 214344 c:\windows\system32\nscrnsav.scr
+ 2009-08-27 08:14 . 2009-10-11 13:06 214344 c:\windows\system32\nscrnsav.scr
+ 2009-06-05 09:51 . 2010-06-24 12:22 611840 c:\windows\system32\mstime.dll
- 2009-06-05 09:51 . 2010-02-25 06:15 611840 c:\windows\system32\mstime.dll
+ 2009-03-08 02:32 . 2010-06-24 12:21 599040 c:\windows\system32\msfeeds.dll
+ 2009-11-06 23:07 . 2009-11-06 23:07 297808 c:\windows\system32\mscoree.dll
+ 2010-08-08 05:57 . 2010-08-08 05:57 231888 c:\windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe
- 2010-03-30 20:44 . 2010-03-09 02:28 153376 c:\windows\system32\javaws.exe
+ 2010-03-30 20:44 . 2010-04-12 15:29 153376 c:\windows\system32\javaws.exe
- 2010-03-30 20:44 . 2010-03-09 02:28 145184 c:\windows\system32\javaw.exe
+ 2010-03-30 20:44 . 2010-04-12 15:29 145184 c:\windows\system32\javaw.exe
+ 2010-03-30 20:44 . 2010-04-12 15:29 145184 c:\windows\system32\java.exe
- 2010-03-30 20:44 . 2010-03-09 02:28 145184 c:\windows\system32\java.exe
- 2009-06-05 08:59 . 2008-04-11 19:04 691712 c:\windows\system32\inetcomm.dll
+ 2009-06-05 08:59 . 2010-01-29 14:59 691712 c:\windows\system32\inetcomm.dll
- 2009-06-05 09:51 . 2010-02-25 06:14 184320 c:\windows\system32\iepeers.dll
+ 2009-06-05 09:51 . 2010-06-24 12:21 184320 c:\windows\system32\iepeers.dll
+ 2009-06-05 09:51 . 2010-06-24 12:21 387584 c:\windows\system32\iedkcs32.dll
- 2009-06-05 09:51 . 2010-02-25 06:14 387584 c:\windows\system32\iedkcs32.dll
- 2009-06-05 09:51 . 2010-02-24 09:53 173056 c:\windows\system32\ie4uinit.exe
+ 2009-06-05 09:51 . 2010-06-23 12:08 173056 c:\windows\system32\ie4uinit.exe
+ 2009-06-05 09:55 . 2010-08-16 05:26 329888 c:\windows\system32\FNTCACHE.DAT
- 2009-06-05 09:51 . 2010-02-25 06:15 916480 c:\windows\system32\dllcache\wininet.dll
+ 2009-06-05 09:51 . 2010-06-24 12:22 916480 c:\windows\system32\dllcache\wininet.dll
+ 2009-06-05 09:51 . 2010-06-21 15:27 354304 c:\windows\system32\dllcache\srv.sys
+ 2009-06-05 09:51 . 2010-06-30 12:28 149504 c:\windows\system32\dllcache\schannel.dll
+ 2009-06-05 09:51 . 2010-06-24 12:22 206848 c:\windows\system32\dllcache\occache.dll
- 2009-06-05 09:51 . 2010-02-25 06:15 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-06-05 09:51 . 2010-06-24 12:22 611840 c:\windows\system32\dllcache\mstime.dll
- 2009-06-05 09:51 . 2010-02-25 06:15 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-08-26 12:27 . 2010-06-24 12:21 599040 c:\windows\system32\dllcache\msfeeds.dll
- 2009-06-05 08:59 . 2008-04-11 19:04 691712 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-06-05 08:59 . 2010-01-29 14:59 691712 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-08-26 12:27 . 2010-06-24 12:21 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-08-26 12:27 . 2010-02-25 06:14 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-06-05 09:51 . 2010-06-24 12:21 184320 c:\windows\system32\dllcache\iepeers.dll
- 2009-06-05 09:51 . 2010-02-25 06:14 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-06-10 06:10 . 2010-06-24 12:21 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2009-06-05 09:51 . 2010-06-24 12:21 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2009-06-05 09:51 . 2010-02-25 06:14 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2009-06-05 09:51 . 2010-02-24 09:53 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-06-05 09:51 . 2010-06-23 12:08 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-06-05 08:59 . 2010-06-14 14:31 744448 c:\windows\system32\dllcache\helpsvc.exe
- 2009-06-05 08:59 . 2008-04-14 12:00 744448 c:\windows\system32\dllcache\helpsvc.exe
- 2009-06-05 09:51 . 2008-04-14 12:00 285696 c:\windows\system32\dllcache\atmfd.dll
+ 2009-06-05 09:51 . 2010-04-20 05:29 285696 c:\windows\system32\dllcache\atmfd.dll
+ 2010-05-18 19:47 . 2010-04-12 15:29 411368 c:\windows\system32\deployJava1.dll
- 2009-06-05 09:51 . 2008-04-14 12:00 285696 c:\windows\system32\atmfd.dll
+ 2009-06-05 09:51 . 2010-04-20 05:29 285696 c:\windows\system32\atmfd.dll
+ 2010-03-30 22:16 . 2010-03-30 22:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
- 2008-07-29 17:16 . 2008-07-29 17:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-03-23 03:31 . 2010-03-23 03:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-02-09 10:22 . 2010-02-09 10:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2008-07-25 09:17 . 2008-07-25 09:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2009-08-07 21:51 . 2009-08-07 21:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2008-05-27 22:49 . 2008-05-27 22:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-03-31 12:49 . 2010-03-31 12:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2008-05-27 22:48 . 2008-05-27 22:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2010-03-31 13:32 . 2010-03-31 13:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2008-05-27 23:30 . 2008-05-27 23:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-06-19 09:45 . 2010-06-19 09:45 219648 c:\windows\Installer\eb3bd7.msi
+ 2010-06-19 09:45 . 2010-06-19 09:45 424960 c:\windows\Installer\eb3bd1.msi
+ 2010-08-14 13:56 . 2010-08-14 13:56 490496 c:\windows\Installer\d8f0b6.msi
+ 2010-02-24 22:14 . 2010-02-24 22:14 543232 c:\windows\Installer\29d562.msp
+ 2010-06-17 15:29 . 2010-06-17 15:29 335872 c:\windows\Installer\{15803703-25FA-4C01-A062-3F4A59937E87}\ARPPRODUCTICON.exe
+ 2007-08-21 09:50 . 2007-08-21 09:50 427848 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\tooltext.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 348160 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\msvcr71.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 499712 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\msvcp71.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 574792 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\mediacataloger.exe
+ 2007-08-21 09:50 . 2007-08-21 09:50 542568 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\kdu_v52r.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 632680 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\igjpeg2k15d.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 570696 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\coreslideshow.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 517448 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\coreprojects.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 126280 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\corepreferences.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 230728 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\coremultimedia.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 759624 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\corefileutil.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 296264 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\corefileformats.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 255816 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\coreenums.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 150856 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\corecolormgr.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 300360 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\cmdslideshow.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 223048 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\cmdprojects.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 122696 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\cmdphotosharing.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 186696 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\cmdorganizer.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 130888 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\cmdjgl.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 137032 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\cmdemail.dll
+ 2010-06-10 06:17 . 2010-02-25 06:15 916480 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2010-06-10 06:17 . 2010-02-22 14:22 388984 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2010-06-10 06:17 . 2008-07-08 13:00 234872 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2010-06-10 06:17 . 2010-02-25 06:15 206848 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2010-06-10 06:17 . 2010-02-25 06:15 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
+ 2010-06-10 06:17 . 2010-02-25 06:15 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2010-06-10 06:17 . 2010-02-25 06:14 247808 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2010-06-10 06:17 . 2010-02-25 06:14 184320 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2010-06-10 06:17 . 2009-03-08 02:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2010-06-10 06:17 . 2010-02-25 06:14 387584 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2010-06-10 06:17 . 2010-02-24 09:53 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2010-05-02 21:22 . 2009-03-08 02:34 914944 c:\windows\ie8updates\KB972260-IE8\wininet.dll
- 2009-08-26 12:36 . 2009-03-08 02:34 914944 c:\windows\ie8updates\KB972260-IE8\wininet.dll
+ 2010-08-12 06:20 . 2010-05-06 10:31 916480 c:\windows\ie8updates\KB2183461-IE8\wininet.dll
+ 2010-08-12 06:20 . 2010-02-22 14:22 388984 c:\windows\ie8updates\KB2183461-IE8\spuninst\updspapi.dll
+ 2010-08-12 06:20 . 2009-05-26 09:01 234872 c:\windows\ie8updates\KB2183461-IE8\spuninst\spuninst.exe
+ 2010-08-12 06:20 . 2010-05-06 10:31 206848 c:\windows\ie8updates\KB2183461-IE8\occache.dll
+ 2010-08-12 06:20 . 2010-05-06 10:31 611840 c:\windows\ie8updates\KB2183461-IE8\mstime.dll
+ 2010-08-12 06:20 . 2010-05-06 10:31 599040 c:\windows\ie8updates\KB2183461-IE8\msfeeds.dll
+ 2010-08-12 06:20 . 2010-05-06 10:31 247808 c:\windows\ie8updates\KB2183461-IE8\ieproxy.dll
+ 2010-08-12 06:20 . 2010-05-06 10:31 184320 c:\windows\ie8updates\KB2183461-IE8\iepeers.dll
+ 2010-08-12 06:20 . 2010-05-06 10:31 743424 c:\windows\ie8updates\KB2183461-IE8\iedvtool.dll
+ 2010-08-12 06:20 . 2010-05-06 10:31 387584 c:\windows\ie8updates\KB2183461-IE8\iedkcs32.dll
+ 2010-08-12 06:20 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2183461-IE8\ie4uinit.exe
+ 2010-06-10 21:15 . 2010-06-10 21:15 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_f4d8fa9e\System.Drawing.dll
+ 2010-06-10 21:15 . 2010-06-10 21:15 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_edf4fe04\System.Drawing.Design.dll
+ 2010-06-10 21:15 . 2010-06-10 21:15 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_59b10ce7\CustomMarshalers.dll
+ 2010-08-12 16:11 . 2010-08-12 16:11 159232 c:\windows\assembly\NativeImages_v2.0.50727_32\YouTubeUploaderMain\c66b216f0f80b9204322d4fd271a87e8\YouTubeUploaderMain.ni.exe
+ 2010-08-12 16:13 . 2010-08-12 16:13 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe
+ 2010-08-12 16:09 . 2010-08-12 16:09 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll
+ 2010-08-12 16:06 . 2010-08-12 16:06 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\cd91a32f4e36ccb2981c72c0d333e928\UIAutomationTypes.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\ff53d5b5249a2841ee196294429f51cf\System.Xml.Linq.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\5e16c279496a553c988c6199f0cee8aa\System.Web.Routing.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\d0ae809162b55e2fa958739177476af8\System.Web.RegularExpressions.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\720b28d81e987b889180b291ea19b821\System.Web.Extensions.Design.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\da36fd678161cd3444ef547c894e3f35\System.Web.Entity.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\49ae7c73fac8827123d5db1714c22599\System.Web.Entity.Design.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ce3aa27d3c4c052845ac5abb1374defa\System.Web.DynamicData.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\95fab896ef2af14876e3e1524379773b\System.Web.Abstractions.ni.dll
+ 2010-08-12 16:08 . 2010-08-12 16:08 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll
+ 2010-08-12 06:24 . 2010-08-12 06:24 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll
+ 2010-08-12 16:07 . 2010-08-12 16:07 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.d ll
+ 2010-08-12 16:08 . 2010-08-12 16:08 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3de39eb60b9d32af46f32f6c7a88fc7f\System.Runtime.Remoting.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\97bd2a5d946aa3a824e4cfe5b6ef95aa\System.Messaging.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\1c23e58c4871c6b2c133333be2b6a5ee\System.Management.Automation.resources.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll
+ 2010-08-12 16:08 . 2010-08-12 16:08 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll
+ 2010-08-12 16:08 . 2010-08-12 16:08 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\90199b4aa63b1b9c8ed0c3de16eec824\System.Drawing.Design.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 689664 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlServ#\34416ae70ef799fae3a42fa3bd93afa8\System.Data.SqlServerCe.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\488c4017d45e861644a34fae557aa80f\System.Data.Entity.Design.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll
+ 2010-08-12 06:23 . 2010-08-12 06:23 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 232448 c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\a055d54c458b7557d957c714551873c3\sysglobl.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe
+ 2010-08-12 16:13 . 2010-08-12 16:13 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\5aeb40ff7128df2881fb03c01d070b20\ServiceModelReg.ni.exe
+ 2010-08-12 16:09 . 2010-08-12 16:09 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 137728 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\93299cfa3188496d42177f77308667d5\Panasonic.Framework.View.Util.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 456704 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\312b0fd35f5e366d40d850e85222e55a\Panasonic.Framework.Model.Command.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 314880 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Upda#\21c0926f6999ab126343f91b109ed104\Panasonic.Core.Updater.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 246784 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\cbd47b1794f98760d27f7aaffbc69286\Panasonic.Core.Spec.Plugin.DCF.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\cb6638d0a44bde3e0b1f6462a51e2da6\Panasonic.Core.Spec.Plugin.Base.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 917504 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Spec#\848dc5613d77481d088a3b5f9bea2187\Panasonic.Core.Spec.ContentInformation.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 430592 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Medi#\2d912e09eb59cb68805e70be31023f95\Panasonic.Core.MediaOrchestra.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 123904 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Help#\fd8e6b3dc1b4d31de501bcd2d7c01bba\Panasonic.Core.Helper.FileSystem.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 167936 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Help#\5b95a9d400ce67cb226a7c99a427ca59\Panasonic.Core.Helper.IISHilightHelper.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 403968 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Help#\5860a5cd161557ffa76ea6a205b8d6db\Panasonic.Core.Helper.MakerPrivate.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 294400 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Help#\2e392da442548495b1ade83a69697a8c\Panasonic.Core.Helper.MakerPrivateCli.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 239104 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Face#\bda523a7c596c0e0c65f461fec4d0d28\Panasonic.Core.FaceIdentifierCli.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 150528 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Even#\19c372d34c9ea9013b65def9c3050ac3\Panasonic.Core.EventLog.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 344576 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Driv#\e886e337c574a5f5572ef90edba6adb6\Panasonic.Core.DriveControl.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 202752 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.Devi#\67e66c8ea084469df85613466ed5b567\Panasonic.Core.DeviceControl.ni.dll
+ 2010-08-14 13:56 . 2010-08-14 13:56 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\c221461aeb4f27731d265142888b2425\PaintDotNet.SystemLayer.Native.x86.ni.dll
+ 2010-08-14 13:56 . 2010-08-14 13:56 871424 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\41d822643fdbb14b442202e6274034a2\PaintDotNet.SystemLayer.ni.dll
+ 2010-08-14 13:56 . 2010-08-14 13:56 388608 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Resourc#\e2579c7d21458574741ffc33c4db5aad\PaintDotNet.Resources.ni.dll
+ 2010-08-14 13:56 . 2010-08-14 13:56 796160 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Effects\855563bfeaff8d5dcca27832a2fbbe8b\PaintDotNet.Effects.ni.dll
+ 2010-08-14 13:56 . 2010-08-14 13:56 568832 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Data\1c042250a44efc313e31c6355dfb74c6\PaintDotNet.Data.ni.dll
+ 2010-08-14 13:56 . 2010-08-14 13:56 775168 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Base\faa1f5f56cf4eb3bdc833ac429736e8b\PaintDotNet.Base.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe
+ 2010-08-12 16:13 . 2010-08-12 16:13 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 968192 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\ddf0b43a5467013f826232fb4d059880\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 433664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\c314791ced733fca0b01d97f87c1671b\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 148480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\95283aeaf043cf6550f525f7c2533344\Microsoft.PowerShell.Security.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 492032 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\29b677e9d1a41f78bd85463edc26891e\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 472064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\e489793fb494ff9d467cb8620ce9e2b7\Microsoft.MapPoint.Rendering3D.Utility.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 840192 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\deba555b5d848944c70d4c8ae297956e\Microsoft.MapPoint.Geometry.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 411648 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\cc134b6f9a83b4fb2346869ffd99f613\Microsoft.MapPoint.Network.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 766976 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\bfbb5a8378b21da0caf990708b6fc735\Microsoft.MapPoint.Data.VirtualEarthTileDataSourc e.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 340992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\9d666637bf64e132f3393db423707208\Microsoft.MapPoint.UtilityPartialTrust.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 438272 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\73c82b0697aff6093ecb5a90713b8b36\Microsoft.MapPoint.MapControl3D.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 344064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\5813d9c981877fe41945bf3df4ae1b34\Microsoft.MapPoint.Utility.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 434176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\09579af13e9e1c226fba0a4e1291d59a\Microsoft.MapPoint.Data.CompactMapFile.ni.dll
+ 2010-08-12 06:24 . 2010-08-12 06:24 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-08-14 13:56 . 2010-08-14 13:56 518656 c:\windows\assembly\NativeImages_v2.0.50727_32\ICSharpCode.SharpZi#\9dd371dcb7c5042221f1947d73feccef\ICSharpCode.SharpZipLib.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe
+ 2010-08-12 16:11 . 2010-08-12 16:11 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\56aec0938ef1bbdeca65b07a5fe8cd39\AspNetMMCExt.ni.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-06-10 21:13 . 2010-06-10 21:13 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-06-10 21:13 . 2010-06-10 21:13 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-06-10 21:13 . 2010-06-10 21:13 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2009-08-26 12:34 . 2009-08-26 12:34 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-05-26 06:08 . 2009-05-26 09:01 388984 c:\windows\$NtUninstallKB981793$\spuninst\updspapi.dll
+ 2010-05-26 06:08 . 2009-05-26 09:01 234872 c:\windows\$NtUninstallKB981793$\spuninst\spuninst.exe
+ 2010-06-10 21:17 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB980218$\spuninst\updspapi.dll
+ 2010-06-10 21:17 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB980218$\spuninst\spuninst.exe
+ 2010-06-10 21:17 . 2008-04-14 12:00 285696 c:\windows\$NtUninstallKB980218$\atmfd.dll
+ 2010-06-10 06:18 . 2008-07-08 13:00 388984 c:\windows\$NtUninstallKB980195$\spuninst\updspapi.dll
+ 2010-06-10 06:18 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB980195$\spuninst\spuninst.exe
+ 2010-06-10 06:17 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979559$\spuninst\updspapi.dll
+ 2010-06-10 06:17 . 2009-05-26 09:01 234872 c:\windows\$NtUninstallKB979559$\spuninst\spuninst.exe
+ 2010-06-10 06:15 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB979482$\spuninst\updspapi.dll
+ 2010-06-10 06:15 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB979482$\spuninst\spuninst.exe
+ 2010-06-10 06:15 . 2007-07-27 21:11 382840 c:\windows\$NtUninstallKB978695_WM9$\spuninst\updspapi.dll
+ 2010-06-10 06:15 . 2007-07-27 18:46 234872 c:\windows\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe
+ 2010-05-12 06:13 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB978542$\spuninst\updspapi.dll
+ 2010-05-12 06:13 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB978542$\spuninst\spuninst.exe
+ 2010-05-12 06:13 . 2008-04-11 19:04 691712 c:\windows\$NtUninstallKB978542$\inetcomm.dll
+ 2010-06-10 06:15 . 2009-05-26 11:40 388984 c:\windows\$NtUninstallKB975562$\spuninst\updspapi.dll
+ 2010-06-10 06:15 . 2008-07-08 13:00 234872 c:\windows\$NtUninstallKB975562$\spuninst\spuninst.exe
+ 2010-07-16 11:20 . 2010-02-22 17:52 388984 c:\windows\$NtUninstallKB2229593$\spuninst\updspapi.dll
+ 2010-07-16 11:20 . 2009-05-26 11:40 234872 c:\windows\$NtUninstallKB2229593$\spuninst\spuninst.exe
+ 2010-07-16 11:20 . 2008-04-14 12:00 744448 c:\windows\$NtUninstallKB2229593$\helpsvc.exe
+ 2010-06-10 06:17 . 2010-02-22 14:22 388984 c:\windows\$hf_mig$\KB982381-IE8\update\updspapi.dll
+ 2010-06-10 06:17 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB982381-IE8\update\update.exe
+ 2010-06-10 06:17 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB982381-IE8\spuninst.exe
+ 2010-06-10 06:10 . 2010-05-06 10:26 919040 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
+ 2010-06-10 06:10 . 2010-05-06 10:26 206848 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\occache.dll
+ 2010-06-10 06:10 . 2010-05-06 10:26 611840 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mstime.dll
+ 2010-06-10 06:10 . 2010-05-06 10:26 599040 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\msfeeds.dll
+ 2010-06-10 06:10 . 2010-05-06 10:26 247808 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\ieproxy.dll
+ 2010-06-10 06:10 . 2010-05-06 10:26 184320 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\iepeers.dll
+ 2010-06-10 06:10 . 2010-05-06 10:26 743424 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\iedvtool.dll
+ 2010-06-10 06:10 . 2010-05-06 10:26 387584 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\iedkcs32.dll
+ 2010-06-10 06:10 . 2010-05-05 13:55 173056 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\ie4uinit.exe
+ 2010-06-10 21:17 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB980218\update\updspapi.dll
+ 2010-06-10 21:17 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB980218\update\update.exe
+ 2010-06-10 21:17 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB980218\spuninst.exe
+ 2010-04-20 05:37 . 2010-04-20 05:37 285824 c:\windows\$hf_mig$\KB980218\SP3QFE\atmfd.dll
+ 2010-06-10 06:18 . 2008-07-08 13:00 388984 c:\windows\$hf_mig$\KB980195\update\updspapi.dll
+ 2010-06-10 06:18 . 2008-07-08 13:00 765304 c:\windows\$hf_mig$\KB980195\update\update.exe
+ 2010-06-10 06:18 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB980195\spuninst.exe
+ 2010-06-10 06:17 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB979559\update\updspapi.dll
+ 2010-06-10 06:17 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB979559\update\update.exe
+ 2010-06-10 06:17 . 2009-05-26 09:01 234872 c:\windows\$hf_mig$\KB979559\spuninst.exe
+ 2010-06-10 06:15 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB979482\update\updspapi.dll
+ 2010-06-10 06:15 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB979482\update\update.exe
+ 2010-06-10 06:15 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB979482\spuninst.exe
+ 2010-05-12 06:13 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB978542\update\updspapi.dll
+ 2010-05-12 06:13 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB978542\update\update.exe
+ 2010-05-12 06:13 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB978542\spuninst.exe
+ 2010-01-29 14:53 . 2010-01-29 14:53 691712 c:\windows\$hf_mig$\KB978542\SP3QFE\inetcomm.dll
+ 2010-06-10 06:15 . 2009-05-26 11:40 388984 c:\windows\$hf_mig$\KB975562\update\updspapi.dll
+ 2010-06-10 06:15 . 2009-05-26 11:40 765304 c:\windows\$hf_mig$\KB975562\update\update.exe
+ 2010-06-10 06:15 . 2008-07-08 13:00 234872 c:\windows\$hf_mig$\KB975562\spuninst.exe
+ 2010-07-16 11:20 . 2010-02-22 17:52 388984 c:\windows\$hf_mig$\KB2229593\update\updspapi.dll
+ 2010-07-16 11:20 . 2010-02-22 14:21 765304 c:\windows\$hf_mig$\KB2229593\update\update.exe
+ 2010-07-16 11:20 . 2009-05-26 11:40 234872 c:\windows\$hf_mig$\KB2229593\spuninst.exe
+ 2010-07-16 10:20 . 2010-06-14 14:38 744448 c:\windows\$hf_mig$\KB2229593\SP3QFE\helpsvc.exe
+ 2009-07-11 22:02 . 2009-07-11 22:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 06:05 . 2008-07-29 06:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
- 2008-07-29 07:05 . 2008-07-29 07:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2009-07-11 20:11 . 2009-07-11 20:11 5102400 c:\windows\WinSxS\amd64_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d7860533\mfc90u.dll
+ 2009-07-11 20:11 . 2009-07-11 20:11 5083448 c:\windows\WinSxS\amd64_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d7860533\mfc90.dll
+ 2009-06-05 09:51 . 2010-04-06 02:52 2462720 c:\windows\system32\WMVCore.dll
+ 2009-06-05 09:51 . 2010-06-24 12:22 1210368 c:\windows\system32\urlmon.dll
+ 2009-06-05 09:51 . 2010-07-27 06:29 8503296 c:\windows\system32\shell32.dll
- 2009-06-05 09:51 . 2009-11-27 17:11 1297408 c:\windows\system32\quartz.dll
+ 2009-06-05 09:51 . 2010-02-05 18:25 1297408 c:\windows\system32\quartz.dll
+ 2007-06-05 11:20 . 2007-06-05 11:20 1459752 c:\windows\system32\PSIKey.dll
+ 2008-04-14 07:29 . 2010-04-28 05:41 2148864 c:\windows\system32\ntoskrnl.exe
- 2008-04-14 07:29 . 2010-02-16 19:04 2148864 c:\windows\system32\ntoskrnl.exe
+ 2008-04-14 07:30 . 2010-04-28 05:41 2027008 c:\windows\system32\ntkrnlpa.exe
- 2008-04-14 07:30 . 2010-02-16 19:04 2027008 c:\windows\system32\ntkrnlpa.exe
+ 2009-06-05 09:51 . 2010-06-24 12:22 5951488 c:\windows\system32\mshtml.dll
+ 2009-10-28 03:40 . 2010-08-08 05:57 5612496 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-03-08 02:32 . 2010-06-24 12:21 1986560 c:\windows\system32\iertutil.dll
+ 2009-06-05 09:51 . 2010-04-06 02:52 2462720 c:\windows\system32\dllcache\WMVCore.dll
+ 2009-06-05 09:51 . 2010-06-24 09:02 1852032 c:\windows\system32\dllcache\win32k.sys
+ 2009-06-05 09:51 . 2010-06-24 12:22 1210368 c:\windows\system32\dllcache\urlmon.dll
+ 2009-06-05 09:51 . 2010-07-27 06:29 8503296 c:\windows\system32\dllcache\shell32.dll
- 2009-06-05 09:51 . 2009-11-27 17:11 1297408 c:\windows\system32\dllcache\quartz.dll
+ 2009-06-05 09:51 . 2010-02-05 18:25 1297408 c:\windows\system32\dllcache\quartz.dll
- 2009-06-05 09:21 . 2010-02-17 12:04 2192256 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-06-05 09:21 . 2010-04-28 18:11 2192256 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-06-05 09:21 . 2010-04-28 05:41 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-06-05 09:21 . 2010-02-16 19:04 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-02-10 17:03 . 2010-02-16 19:04 2069120 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-02-10 17:03 . 2010-04-28 05:41 2069120 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2009-06-05 09:21 . 2010-02-16 19:04 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-06-05 09:21 . 2010-04-28 05:41 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2009-06-05 09:51 . 2009-07-31 04:32 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2009-06-05 09:51 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
- 2009-06-05 08:59 . 2009-07-10 13:26 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2009-06-05 08:59 . 2010-01-29 14:59 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2009-06-05 09:51 . 2010-06-24 12:22 5951488 c:\windows\system32\dllcache\mshtml.dll
+ 2009-06-05 08:59 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
- 2009-06-05 08:59 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2009-08-26 12:27 . 2010-06-24 12:21 1986560 c:\windows\system32\dllcache\iertutil.dll
+ 2009-11-06 23:06 . 2009-11-06 23:06 1130824 c:\windows\system32\dfshim.dll
+ 2010-04-07 21:48 . 2010-04-07 21:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2008-11-25 02:59 . 2008-11-25 02:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-03-23 03:32 . 2010-03-23 03:32 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-03-23 03:32 . 2010-03-23 03:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2009-08-07 21:51 . 2009-08-07 21:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2010-05-11 04:40 . 2010-05-11 04:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2008-05-27 23:35 . 2008-05-27 23:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2008-05-27 23:35 . 2008-05-27 23:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2010-03-31 12:50 . 2010-03-31 12:50 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2008-05-27 22:48 . 2008-05-27 22:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-03-31 12:50 . 2010-03-31 12:50 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2008-05-27 22:43 . 2008-05-27 22:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-07-02 19:15 . 2010-07-02 19:15 1472000 c:\windows\Installer\c50570.msi
+ 2010-06-20 08:01 . 2010-06-20 08:01 8040960 c:\windows\Installer\8a234b.msp
+ 2010-07-02 16:56 . 2010-07-02 16:56 2286080 c:\windows\Installer\346ee9.msi
+ 2010-07-02 16:37 . 2010-07-02 16:37 1096704 c:\windows\Installer\346ede.msi
+ 2009-11-08 22:25 . 2009-11-08 22:25 1935360 c:\windows\Installer\2add3c.msp
+ 2010-06-17 15:31 . 2010-06-17 15:31 1973248 c:\windows\Installer\1b0714.msi
+ 2010-06-17 15:29 . 2010-06-17 15:29 3467776 c:\windows\Installer\1b0707.msi
+ 2010-04-11 20:17 . 2010-04-11 20:17 2607104 c:\windows\Installer\127b3af.msp
+ 2010-04-11 20:17 . 2010-04-11 20:17 4210688 c:\windows\Installer\127b3ae.msp
+ 2010-06-20 10:46 . 2010-06-20 10:46 1219584 c:\windows\Installer\122c565.msi
+ 2007-08-21 09:50 . 2007-08-21 09:50 1060864 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\mfc71.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 2180968 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\igcore15d.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 1873224 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\corepython24.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 1086792 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\coreorganizer.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 1354568 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\corel_mediaonerc.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 2301256 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\corel_mediaone.exe
+ 2007-08-21 09:50 . 2007-08-21 09:50 1882952 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\coreimageformats.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 1594696 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\coregui.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 1530696 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\coregdi.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 1012040 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\corecontrols.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 2333000 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\corecmd.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 1705800 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\cmdbase2.dll
+ 2007-08-21 09:50 . 2007-08-21 09:50 1227592 c:\windows\Installer\$PatchCache$\Managed\336965C3ED8C2E64BBF86F158986C1F2\2.0.0\cmdbase1.dll
+ 2010-06-10 06:17 . 2010-02-25 06:15 1209344 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
+ 2010-06-10 06:17 . 2010-02-25 06:15 5944832 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
+ 2010-06-10 06:17 . 2010-02-25 06:15 1985536 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2010-08-12 06:20 . 2010-05-06 10:31 1209344 c:\windows\ie8updates\KB2183461-IE8\urlmon.dll
+ 2010-08-12 06:20 . 2010-05-06 10:31 5950976 c:\windows\ie8updates\KB2183461-IE8\mshtml.dll
+ 2010-08-12 06:20 . 2010-05-06 10:31 1985536 c:\windows\ie8updates\KB2183461-IE8\iertutil.dll
+ 2009-06-05 09:21 . 2010-04-28 18:11 2192256 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2009-06-05 09:21 . 2010-02-17 12:04 2192256 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2009-06-05 09:21 . 2010-02-16 19:04 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-06-05 09:21 . 2010-04-28 05:41 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-02-10 17:03 . 2010-02-16 19:04 2069120 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-02-10 17:03 . 2010-04-28 05:41 2069120 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-06-05 09:21 . 2010-02-16 19:04 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-06-05 09:21 . 2010-04-28 05:41 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-06-10 21:15 . 2010-06-10 21:15 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_ef768b7a\System.dll
+ 2010-06-10 21:14 . 2010-06-10 21:14 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_2b5be7b9\System.dll
+ 2010-06-10 21:15 . 2010-06-10 21:15 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_78c3623b\System.Xml.dll
+ 2010-06-10 21:15 . 2010-06-10 21:15 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_4f3730fc\System.Xml.dll
+ 2010-06-10 21:15 . 2010-06-10 21:15 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_f2844da4\System.Windows.Forms.dll
+ 2010-06-10 21:15 . 2010-06-10 21:15 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_b097d4ce\System.Windows.Forms.dll
+ 2010-06-10 21:15 . 2010-06-10 21:15 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_16db51d7\System.Drawing.dll
+ 2010-06-10 21:15 . 2010-06-10 21:15 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_b872c61f\System.Design.dll
+ 2010-06-10 21:15 . 2010-06-10 21:15 1466368 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_a146b704\System.Design.dll
+ 2010-06-10 21:15 . 2010-06-10 21:15 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a5a738c4\mscorlib.dll
+ 2010-06-10 21:15 . 2010-06-10 21:15 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_0ab99378\mscorlib.dll
+ 2010-08-12 16:11 . 2010-08-12 16:11 3808768 c:\windows\assembly\NativeImages_v2.0.50727_32\YTUploader\c43809231df824fbcef3809a37a26b00\YTUploader.ni.dll
+ 2010-08-12 06:24 . 2010-08-12 06:24 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll
+ 2010-08-12 06:23 . 2010-08-12 06:23 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll
+ 2010-08-12 06:23 . 2010-08-12 06:23 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\60b3c9a63b2065a6952d16256545c25d\System.WorkflowServices.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\5cc2a23ce8ac371c7a97b5e542ee27ed\System.Workflow.Runtime.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\c0aabf67e7ef98dc10c3e174c136731b\System.Workflow.ComponentModel.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\66682c8a064608ba4ffd0463cf09aef9\System.Workflow.Activities.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\2d662564b8d9c57a34c588cc2970902b\System.Web.Services.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\9b455702c9b7b02c5708406f87986751\System.Web.Mobile.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\49c7a1c78ed9502ba97c11e6bd993f63\System.Web.Extensions.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5eb08849d17b272ed2a393420cb0305b\System.Speech.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\f5790a1b7b41e7b8d05f01b549c80f39\System.ServiceModel.Web.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll
+ 2010-08-12 16:08 . 2010-08-12 16:08 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 4949504 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\cf2f92b2b626f7e53e80146b17bd7bed\System.Management.Automation.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\0885f31c21b796465fde6297dba20981\System.IdentityModel.ni.dll
+ 2010-08-12 16:06 . 2010-08-12 16:06 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll
+ 2010-08-12 16:08 . 2010-08-12 16:08 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll
+ 2010-08-12 16:06 . 2010-08-12 16:06 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll
+ 2010-08-12 16:08 . 2010-08-12 16:08 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f04ef00e652a8655a717639e8aeb7b63\System.Data.ni.dll
+ 2010-08-12 06:24 . 2010-08-12 06:24 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\23cf0498f2ebe4c8ffa5cc79efca2dc5\System.Data.Services.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\58202ed61096113d08815c0a78313b66\System.Data.OracleClient.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll
+ 2010-08-12 16:14 . 2010-08-12 16:14 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dll
+ 2010-08-12 16:08 . 2010-08-12 16:08 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll
+ 2010-08-12 16:08 . 2010-08-12 16:08 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll
+ 2010-08-12 06:23 . 2010-08-12 06:23 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\835786d8a0caabae09ad440f6e3abfc6\PresentationBuildTasks.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 4789760 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\eaf69b26b1cc85401a94723770031244\Panasonic.Framework.View.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 2354176 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\d055c0ae81aefe8cf712878d6198d341\Panasonic.Framework.View.Area.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 4415488 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\826ea0eb3328f6976602d717b5570e0c\Panasonic.Framework.Model.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 1663488 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\26350805daa41818b11ee70311c3ab39\Panasonic.Framework.View.Parts.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 3734016 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Framework#\20feb964e4ab4fef4d3d2ba7aaba9c01\Panasonic.Framework.View.Resource.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 1063936 c:\windows\assembly\NativeImages_v2.0.50727_32\Panasonic.Core.MACS\0b1d420f21f324cd52ca94fd1a6b4cc5\Panasonic.Core.MACS.ni.dll
+ 2010-08-14 13:56 . 2010-08-14 13:56 3140608 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet\250df0760d03a235eb14982ca90c30b6\PaintDotNet.ni.exe
+ 2010-08-14 13:56 . 2010-08-14 13:56 1870848 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Core\09c84c7483acbf395f854cf414564992\PaintDotNet.Core.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\9732a7c993055f82040642966db07ccf\Microsoft.VisualBasic.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 2766336 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\fe7296468a17db9cb46bed85ae931b0e\Microsoft.MapPoint.Graphics3D.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 1949184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\ecf4a3607505d76357ddf05f0191bd09\Microsoft.MapPoint.Modeling.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 4094976 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\9db9b5f60b3ab9adbb155e2719fb622f\Microsoft.MapPoint.Rendering3D.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 1217024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\47857e354d635fd46499bd0d9c547b7b\Microsoft.MapPoint.Data.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 1524224 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\1eeb37443afc3f5f60df69faf20b1895\Microsoft.MapPoint.GraphicsAPI.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 1524736 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MapPoint.#\14b6f742980ace494855bc8db32417d5\Microsoft.MapPoint.Rendering3D.WorldMemoryDataSou rce.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-08-12 16:13 . 2010-08-12 16:13 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll
+ 2010-06-24 06:17 . 2010-06-24 06:17 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-06-10 21:13 . 2010-06-10 21:13 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-06-24 06:17 . 2010-06-24 06:17 5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-10-15 07:10 . 2009-10-15 07:10 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-08-26 12:34 . 2009-08-26 12:34 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-06-24 06:17 . 2010-06-24 06:17 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-08-12 06:22 . 2010-08-12 06:22 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2009-10-15 07:07 . 2009-10-15 07:07 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-06-10 21:14 . 2010-06-10 21:14 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-06-10 21:14 . 2010-06-10 21:14 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-10-15 07:07 . 2009-10-15 07:07 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-06-10 06:17 . 2009-08-14 15:10 1850752 c:\windows\$NtUninstallKB979559$\win32k.sys
+ 2010-06-10 06:15 . 2009-05-20 02:56 2458112 c:\windows\$NtUninstallKB978695_WM9$\wmvcore.dll
+ 2010-05-12 06:13 . 2009-07-10 13:26 1315328 c:\windows\$NtUninstallKB978542$\msoe.dll
+ 2010-06-10 06:15 . 2009-11-27 17:11 1297408 c:\windows\$NtUninstallKB975562$\quartz.dll
+ 2010-06-10 06:10 . 2010-05-06 10:26 1209856 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\urlmon.dll
+ 2010-06-10 06:10 . 2010-05-06 10:26 5953024 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
+ 2010-06-10 06:10 . 2010-05-06 10:26 1986048 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\iertutil.dll
+ 2010-05-02 08:00 . 2010-05-02 08:00 1860480 c:\windows\$hf_mig$\KB979559\SP3QFE\win32k.sys
+ 2010-01-29 14:53 . 2010-01-29 14:53 1315328 c:\windows\$hf_mig$\KB978542\SP3QFE\msoe.dll
+ 2010-02-05 18:28 . 2010-02-05 18:28 1297408 c:\windows\$hf_mig$\KB975562\SP3QFE\quartz.dll
+ 2009-08-26 12:37 . 2010-08-03 18:09 35962312 c:\windows\system32\MRT.exe
+ 2009-03-08 02:39 . 2010-06-24 15:51 11077120 c:\windows\system32\ieframe.dll
+ 2009-07-19 16:41 . 2010-06-24 15:51 11077120 c:\windows\system32\dllcache\ieframe.dll
+ 2010-04-02 17:29 . 2010-04-02 17:29 11413504 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp
+ 2010-08-13 18:09 . 2010-08-13 18:09 12263936 c:\windows\Installer\7f390b.msp
+ 2010-06-17 16:15 . 2010-06-17 16:15 33086464 c:\windows\Installer\47efa5.msp
+ 2010-05-19 11:08 . 2010-05-19 11:08 11408896 c:\windows\Installer\399194.msp
+ 2010-03-30 23:23 . 2010-03-30 23:23 15638528 c:\windows\Installer\2add48.msp
+ 2010-06-17 15:30 . 2010-06-17 15:30 93624320 c:\windows\Installer\1b070e.msi
+ 2010-04-02 10:30 . 2010-04-02 10:30 17456640 c:\windows\Installer\127b3da.msp
+ 2010-04-11 20:17 . 2010-04-11 20:17 14599680 c:\windows\Installer\127b3bd.msp
+ 2010-06-10 06:17 . 2010-02-25 09:45 11070976 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2010-08-12 06:20 . 2010-05-06 10:31 11076096 c:\windows\ie8updates\KB2183461-IE8\ieframe.dll
+ 2010-08-12 16:06 . 2010-08-12 16:06 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 11798016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\411a627d6f5cb83509332253406988e5\System.Web.ni.dll
+ 2010-08-12 16:12 . 2010-08-12 16:12 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\f523a69e7c93ee4f245c996eac4b3a57\System.ServiceModel.ni.dll
+ 2010-08-12 16:09 . 2010-08-12 16:09 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\b307acf63075b997d02a97a7492d0d9c\System.Design.ni.dll
+ 2010-08-12 16:08 . 2010-08-12 16:08 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll
+ 2010-08-12 16:05 . 2010-08-12 16:05 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll
+ 2010-08-12 06:23 . 2010-08-12 06:23 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll
+ 2010-05-06 13:56 . 2010-05-06 13:56 11078144 c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\ieframe.dll
.
-- Snapshot auf jetziges Datum zurückgesetzt --
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}"= "c:\programme\softonic-de3\tbsof1.dll" [2010-05-15 2515552]
"{40c3cc16-7269-4b32-9531-17f2950fb06f}"= "c:\programme\Winload\tbWin0.dll" [2010-05-15 2515552]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\programme\MyAshampoo\tbMyAs.dll" [2009-12-31 2349080]

[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]

[HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}]

[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{40c3cc16-7269-4b32-9531-17f2950fb06f}]
2010-05-15 17:33 2515552 ----a-w- c:\programme\Winload\tbWin0.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
2009-12-31 09:53 2349080 ----a-w- c:\programme\MyAshampoo\tbMyAs.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]
2010-05-15 17:33 2515552 ----a-w- c:\programme\softonic-de3\tbsof1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}"= "c:\programme\softonic-de3\tbsof1.dll" [2010-05-15 2515552]
"{40c3cc16-7269-4b32-9531-17f2950fb06f}"= "c:\programme\Winload\tbWin0.dll" [2010-05-15 2515552]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\programme\MyAshampoo\tbMyAs.dll" [2009-12-31 2349080]

[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]

[HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}]

[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{40C3CC16-7269-4B32-9531-17F2950FB06F}"= "c:\programme\Winload\tbWin0.dll" [2010-05-15 2515552]
"{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}"= "c:\programme\softonic-de3\tbsof1.dll" [2010-05-15 2515552]
"{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}"= "c:\programme\MyAshampoo\tbMyAs.dll" [2009-12-31 2349080]

[HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}]

[HKEY_CLASSES_ROOT\clsid\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}]

[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\programme\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-04-27 2010864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-05-21 17881600]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-01-21 134656]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-01-21 166912]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-01-21 134656]
"Norman ZANDA"="c:\programme\Norman\Npm\Bin\ZLH.EXE" [2010-01-29 189824]
"T-DSL SpeedMgr"="c:\programme\T-DSL SpeedManager\SpeedMgr.exe" [2004-07-14 397312]
"HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"RemoteControl"="c:\programme\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Ulead AutoDetector v2"="c:\programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\monitor.exe" [2007-08-02 95504]
"Corel File Shell Monitor"="c:\programme\Corel\Corel MediaOne\CorelIOMonitor.exe" [2007-12-01 38400]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\
Microsoft Office.lnk - c:\programme\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programme\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\programme\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^HP Digital Imaging Monitor.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^HP Image Zone Schnellstart.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\HP Image Zone Schnellstart.lnk
backup=c:\windows\pss\HP Image Zone Schnellstart.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Microsoft Office.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\programme\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Bayern 3D\\Bayern3D.exe"=

R1 NGS;Norman General Security Driver;c:\programme\Norman\ngs\bin\ngs.sys [17.08.2010 22:44 26744]
R1 NPROSEC;Norman Security driver;c:\programme\Norman\ngs\bin\nprosec.sys [17.08.2010 22:44 72392]
R1 SASDIFSV;SASDIFSV;c:\programme\SUPERAntiSpyware\SASDIFSV.SYS [15.09.2009 11:42 12872]
R1 SASKUTIL;SASKUTIL;c:\programme\SUPERAntiSpyware\SASKUTIL.SYS [15.09.2009 11:42 66632]
R2 ACEDRV08;ACEDRV08;c:\windows\system32\drivers\ACEDRV08.sys [09.11.2009 20:43 108768]
R2 drhard;drhard;c:\windows\system32\drivers\drhard.sys [27.08.2009 21:07 23600]
R2 Ndiskio;Ndiskio;c:\programme\Norman\Nse\Bin\Ndiskio.sys [15.10.2009 20:59 22880]
R2 NNFSVC;Norman Network Filtering service;c:\programme\Norman\ngs\bin\nnf.exe [17.08.2010 22:44 219904]
R2 NPROSECSVC;Norman Security service;c:\programme\Norman\ngs\bin\nprosec.exe [17.08.2010 22:44 103016]
R2 nregsec;Norman Registry Security driver;c:\programme\Norman\ngs\bin\nregsec.sys [17.08.2010 22:44 40384]
R2 NVOY;Norman Resource Provider;c:\programme\Norman\Npm\Bin\nvoy.exe [27.08.2009 10:14 98776]
R3 nsesvc;Norman Scanner Engine Service;c:\programme\Norman\Nse\Bin\Nsesvc.exe [17.06.2010 21:07 282624]
R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcw32mf.sys [27.08.2009 10:14 21832]
R3 nvcoas;Norman Virus Control on-access component;c:\programme\Norman\nvc\bin\Nvcoas.exe [27.08.2009 10:14 210248]
R3 SASENUM;SASENUM;c:\programme\SUPERAntiSpyware\SASENUM.SYS [15.09.2009 11:42 12872]
R3 Scheduler;Norman Scheduler Service;c:\programme\Norman\Npm\Bin\scheduler.exe [27.08.2009 10:18 133272]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [29.08.2009 17:15 133104]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [05.06.2009 11:22 1684736]
S3 cpuz131;cpuz131;\??\c:\dokume~1\ADMINI~1\LOKALE~1\Temp\cpuz131\cpuz_x32.sys --> c:\dokume~1\ADMINI~1\LOKALE~1\Temp\cpuz131\cpuz_x32.sys [?]
S3 NVCScheduler;Norman Virus Control Scheduler;"c:\programme\Norman\Npm\Bin\Nvcsched.exe" --> c:\programme\Norman\Npm\Bin\Nvcsched.exe [?]
S3 TNPacket;T-Systems Nova Packet Capture Driver;c:\programme\T-DSL SpeedManager\TNPACKET.SYS [11.03.2004 17:44 9696]
S3 WPEServ;WPEServ;c:\programme\Gemeinsame Dateien\WPE\wpeserv.exe [05.01.2010 18:37 323584]

--- Andere Dienste/Treiber im Speicher ---

*Deregistered* - mchInjDrv
.
Inhalt des "geplante Tasks" Ordners

2010-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-08-29 14:25]

2010-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-08-29 14:25]

2010-08-31 c:\windows\Tasks\HPpromotions journeysoftware.job
- c:\programme\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 15:36]
.
.

Alt 31.08.2010, 21:54   #9
Rainer2
 
Internetverbindung wird ständig selbstständig unterbrochen - Standard

Internetverbindung wird ständig selbstständig unterbrochen



Der Text war zu lang. Hier der Rest.

------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {3A6AC65B-5C4A-42F4-BE0B-667259779C59} = 217.0.43.177 217.0.43.161
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\programme\Crawler\ctbr.dll
FF - ProfilePath - c:\dokumente und einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - MyAshampoo Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://de.wikipedia.org/wiki/Benutzer:Rainer_Lippert
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=
FF - component: c:\dokumente und einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\components\FFExternalAlert.dll
FF - component: c:\dokumente und einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}\components\RadioWMPCore.dll
FF - component: c:\dokumente und einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
FF - component: c:\dokumente und einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
FF - component: c:\dokumente und einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\components\FFExternalAlert.dll
FF - component: c:\dokumente und einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\components\RadioWMPCore.dll
FF - component: c:\programme\Crawler\firefox\components\xcomm.dll
FF - component: c:\programme\Crawler\firefox\components\xshared.dll
FF - component: c:\programme\Crawler\firefox\components\xsupport.dll
FF - component: c:\programme\Crawler\firefox\components\xwsg.dll
FF - plugin: c:\dokumente und einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\z8fc5ugq.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: c:\programme\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programme\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\programme\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\programme\Virtual Earth 3D\npVE3D.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
FF - user.js: browser.sessionstore.resume_from_crash - false
FF - user.js: yahoo.homepage.dontask - truec:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

AddRemove-_{0C180787-F8C8-42FD-A9D3-689BA44BEAAF} - c:\programme\Corel\Corel Painter Essentials 3\MSILauncher {0C180787-F8C8-42FD-A9D3-689BA44BEAAF}



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-08-31 22:47
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'winlogon.exe'(580)
c:\programme\SUPERAntiSpyware\SASWINLO.dll
.
Zeit der Fertigstellung: 2010-08-31 22:49:53
ComboFix-quarantined-files.txt 2010-08-31 20:49
ComboFix2.txt 2010-04-29 20:22

Vor Suchlauf: 74.366.976 Bytes frei
Nach Suchlauf: 859.668.480 Bytes frei

WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - DBA519138DFD79BBF20762829AFF805E

Alt 01.09.2010, 11:52   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internetverbindung wird ständig selbstständig unterbrochen - Standard

Internetverbindung wird ständig selbstständig unterbrochen



Zitat:
Jetzt fragt er mich aber nach dem Passwort zu meiner E-Mail Adresse. Die kenne ich aber nicht.
Ich kenn Dein Passwort auch nicht
Es gibt da so eine Passwort vergessen Funktion bei Deinem Mailprovider. Aber eigentlich notiert man sich die wichtigsten Passwörter.

Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus

Anschließend den bootkit_remover herunterladen. Entpacke das Tool in einen eigenen Ordner auf dem Desktop und führe in diesem Ordner die Datei remove.exe aus.

Wenn Du Windows Vista oder Windows 7 verwendest, musst Du die remover.exe über ein Rechtsklick => als Administrator ausführen

Ein schwarzes Fenster wird sich öffnen und automatisch nach bösartigen Veränderungen im MBR suchen.
Poste dann bitte, ob es Veränderungen gibt und wenn ja in welchem device. Am besten alles posten was die remover.exe ausgibt.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 01.09.2010, 19:11   #11
Rainer2
 
Internetverbindung wird ständig selbstständig unterbrochen - Standard

Internetverbindung wird ständig selbstständig unterbrochen



Hallo,

Passwort habe ich gefunden

Nutze inzwischen schon Thunderbird. Danke für den Tipp.

GMER ist mehrmals abgestürtzt. OSAM lässt sich nicht starten, weil eine Datei fehlt. Er sagt, eine Neuinstallation könne helfen. Ich habe es mehrmals gemacht, ohne Erfolg.

Grüße,

Rainer

Alt 01.09.2010, 19:25   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internetverbindung wird ständig selbstständig unterbrochen - Standard

Internetverbindung wird ständig selbstständig unterbrochen



Bitte entpack OSAM mit 7-ZIP oder WinRAR
Und McAfee vorher deaktivieren, da es die OSAM.exe als schädlich einstuft, was aber ein Fehlalarm ist!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 01.09.2010, 20:59   #13
Rainer2
 
Internetverbindung wird ständig selbstständig unterbrochen - Standard

Internetverbindung wird ständig selbstständig unterbrochen



Jetzt hat es geklappt. Hier das Logfile.

Viele Grüße,

Rainer


OSAM Logfile:
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 21:58:10 on 01.09.2010

OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 3.6.8

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"HPpromotions journeysoftware.job" - "hp" - C:\Programme\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"PCWizard.cpl" - "CPUID" - C:\WINDOWS\system32\PCWizard.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ACEDRV08" (ACEDRV08) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\ACEDRV08.sys
"catchme" (catchme) - ? - C:\DOKUME~1\User\LOKALE~1\Temp\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"cpuz131" (cpuz131) - ? - C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\cpuz131\cpuz_x32.sys  (File not found)
"drhard" (drhard) - "Licensed for Gebhard Software" - C:\WINDOWS\system32\drivers\drhard.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"Ndiskio" (Ndiskio) - "Norman ASA" - C:\Programme\Norman\Nse\Bin\NDISKIO.SYS
"Norman General Security Driver" (NGS) - "Norman ASA" - c:\programme\norman\ngs\bin\ngs.sys
"Norman Registry Security driver" (nregsec) - "Norman ASA" - C:\Programme\Norman\Ngs\Bin\nregsec.sys
"Norman Security driver" (NPROSEC) - "Norman ASA" - C:\Programme\Norman\Ngs\Bin\nprosec.sys
"NvcMFlt" (NvcMFlt) - "Norman ASA" - C:\WINDOWS\System32\DRIVERS\nvcw32mf.sys
"PCANDIS5 Protocol Driver" (PCANDIS5) - "Printing Communications Assoc., Inc. (PCAUSA)" - C:\PROGRA~1\T-DSLS~1\PCANDIS5.SYS
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"SASDIFSV" (SASDIFSV) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS
"SASENUM" (SASENUM) - " SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASENUM.SYS
"SASKUTIL" (SASKUTIL) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASKUTIL.sys
"T-Systems Nova Packet Capture Driver" (TNPacket) - "T-Systems Nova GmbH" - C:\Programme\T-DSL SpeedManager\TNPACKET.SYS
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{BDEADF00-C265-11d0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{4D25FB7A-8902-4291-960E-9ADA051CFBBF} "tbr" - "Crawler.com" - C:\Programme\Crawler\ctbr.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "SABShellExecuteHook Class" - "SuperAdBlocker.com" - C:\Programme\SUPERAntiSpyware\SASSEH.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{CA5FEE26-14C1-4B5A-86E9-233FC0EE2682} "IZArc DragDrop Menu" - ? - C:\Programme\IZArc\IZArcCM.dll  (File found, but it contains no detailed information)
{8D9D4D0D-FDDD-44CB-AAB2-6161FA0757C5} "IZArc Shell Context Menu" - ? - C:\Programme\IZArc\IZArcCM.dll  (File found, but it contains no detailed information)
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office\OLKFSTUB.DLL
{806ED916-BE33-43B7-A0BF-85875E1347FC} "PDF2" - "TODO: <Company name>" - C:\Programme\DATA BECKER\PDF Genie 3.0\pdfshell.dll
{5B8177CA-E44B-4A0A-960B-935A15B21B58} "PDFContextMenuExt Class" - "TODO: <Company name>" - C:\Programme\DATA BECKER\PDF Genie 3.0\pdfshell.dll
{83CE324B-E2BF-4F03-97A8-2EFB84E57BAF} "PDFPropPageExt Class" - "TODO: <Company name>" - C:\Programme\DATA BECKER\PDF Genie 3.0\pdfshell.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{BD88A479-9623-4897-8546-BC62B9628F44} "SPTHandler" - ? -   (File not found | COM-object registry key not found)
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Programme\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Crawler Toolbar" - "Crawler.com" - C:\Programme\Crawler\ctbr.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "MyAshampoo Toolbar" - "Conduit Ltd." - C:\Programme\MyAshampoo\tbMyAs.dll
<binary data> "softonic-de3 Toolbar" - "Conduit Ltd." - C:\Programme\softonic-de3\tbsof1.dll
<binary data> "Winload Toolbar" - "Conduit Ltd." - C:\Programme\Winload\tbWin0.dll
<binary data> "{4A1C6093-14F9-44D7-860E-5D265CFCA9D9}" - ? -   (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} "MyAshampoo Toolbar" - "Conduit Ltd." - C:\Programme\MyAshampoo\tbMyAs.dll
{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} "softonic-de3 Toolbar" - "Conduit Ltd." - C:\Programme\softonic-de3\tbsof1.dll
{40c3cc16-7269-4b32-9531-17f2950fb06f} "Winload Toolbar" - "Conduit Ltd." - C:\Programme\Winload\tbWin0.dll
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -   (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{722FE9B2-6895-42D9-9984-F4CB26616023} "Öffnen mit PDF Genie 3" - "TODO: <Company name>" - C:\Programme\DATA BECKER\PDF Genie 3.0\pdfshell.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "&Crawler Toolbar" - "Crawler.com" - C:\Programme\Crawler\ctbr.dll
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} "MyAshampoo Toolbar" - "Conduit Ltd." - C:\Programme\MyAshampoo\tbMyAs.dll
{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} "softonic-de3 Toolbar" - "Conduit Ltd." - C:\Programme\softonic-de3\tbsof1.dll
{40c3cc16-7269-4b32-9531-17f2950fb06f} "Winload Toolbar" - "Conduit Ltd." - C:\Programme\Winload\tbWin0.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} "MyAshampoo Toolbar" - "Conduit Ltd." - C:\Programme\MyAshampoo\tbMyAs.dll
{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} "softonic-de3 Toolbar" - "Conduit Ltd." - C:\Programme\softonic-de3\tbsof1.dll
{10945114-b19f-4614-8450-b25e444a1020} "SparweltGutscheinAlarm.Sparwelt_Gutschein_Tool" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{40c3cc16-7269-4b32-9531-17f2950fb06f} "Winload Toolbar" - "Conduit Ltd." - C:\Programme\Winload\tbWin0.dll
{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} "{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}" - "Crawler.com" - C:\Programme\Crawler\ctbr.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"Microsoft Office.lnk" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office\OSA9.EXE  (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\User\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"SUPERAntiSpyware" - "SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Corel File Shell Monitor" - "Corel, Inc." - C:\Programme\Corel\Corel MediaOne\CorelIOMonitor.exe
"HP Software Update" - "Hewlett-Packard Co." - C:\Programme\HP\HP Software Update\HPWuSchd2.exe
"Norman ZANDA" - "Norman ASA" - "C:\Programme\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
"RemoteControl" - "Cyberlink Corp." - C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
"T-DSL SpeedMgr" - "T-Systems Nova, Berkom" - "C:\Programme\T-DSL SpeedManager\SpeedMgr.exe"
"Ulead AutoDetector v2" - "Ulead Systems, Inc." - C:\Programme\Gemeinsame Dateien\Ulead Systems\AutoDetector\monitor.exe

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Programme\Google\Update\GoogleUpdate.exe
"Google Updater Service" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"HID Input Service" (HidServ) - ? -  C:\WINDOWS\System32\hidserv.dll  (File not found)
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
"Norman eLogger service 6" (eLoggerSvc6) - "Norman ASA" - C:\Programme\Norman\Npm\Bin\Elogsvc.exe
"Norman Network Filtering service" (NNFSVC) - "Norman ASA" - C:\Programme\Norman\Ngs\Bin\Nnf.exe
"Norman NJeeves" (Norman NJeeves) - "Norman ASA" - C:\Programme\Norman\Npm\Bin\Njeeves.exe
"Norman Resource Provider" (NVOY) - "Norman ASA" - C:\Programme\Norman\npm\bin\nvoy.exe
"Norman Scanner Engine Service" (nsesvc) - "Norman ASA" - C:\Programme\Norman\nse\bin\NSESVC.EXE
"Norman Scheduler Service" (Scheduler) - "Norman ASA" - C:\Programme\Norman\Npm\Bin\scheduler.exe
"Norman Security service" (NPROSECSVC) - "Norman ASA" - C:\Programme\Norman\Ngs\Bin\Nprosec.exe
"Norman Virus Control on-access component" (nvcoas) - "Norman ASA" - C:\Programme\Norman\Nvc\Bin\nvcoas.exe
"Norman Virus Control Scheduler" (NVCScheduler) - ? - "C:\Programme\Norman\Npm\Bin\Nvcsched.exe"  (File not found)
"Norman ZANDA" (Norman ZANDA) - "Norman ASA" - C:\Programme\Norman\Npm\Bin\Zanda.exe
"Pml Driver HPZ12" (Pml Driver HPZ12) - "HP" - C:\WINDOWS\system32\HPZipm12.exe
"ProtexisLicensing" (ProtexisLicensing) - ? - C:\WINDOWS\system32\PSIService.exe
"TSMService" (TSMService) - "T-Systems Nova, Berkom" - C:\Programme\T-DSL SpeedManager\tsmsvc.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
"WPEServ" (WPEServ) - "soft Xpansion" - C:\Programme\Gemeinsame Dateien\WPE\wpeserv.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"!SASWinLogon" - "SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASWINLO.dll
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Alt 01.09.2010, 21:04   #14
Rainer2
 
Internetverbindung wird ständig selbstständig unterbrochen - Standard

Internetverbindung wird ständig selbstständig unterbrochen



Hier nun alles vom bootkit.

Viele Grüße,

Rainer

Bootkit Remover
(c) 2009 eSage Lab
www.esagelab.com

Program version: 1.2.0.0
OS Version: Microsoft Windows XP Professional Service Pack 3 (build 2600)

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`007d8200
Boot sector MD5 is: 5ddc20efcc4d1dab37c348c7db7289cf

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Unknown boot code

Unknown boot code has been found on some of your physical disks.
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>


Done;
Press any key to quit...

Alt 02.09.2010, 10:09   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Internetverbindung wird ständig selbstständig unterbrochen - Standard

Internetverbindung wird ständig selbstständig unterbrochen



Einen Gegencheck brauch ich:

Downloade Dir bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
  • Doppelklick auf die MBRCheck.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Das Tool braucht nur eine Sekunde.
  • Danach solltest du eine MBRCheck_<Datum>_<Uhrzeit>.txt auf dem Desktop finden.
Poste mir bitte den Inhalt des .txt Dokumentes
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Internetverbindung wird ständig selbstständig unterbrochen
adobe, becker, bho, downloader, einstellungen, excel, explorer, firefox, google, hijack, hijackthis, hkus\s-1-5-18, internet explorer, logfile, microsoft, mozilla, norman, object, pdf, programme, security, software, superantispyware, system, virus, windows, windows xp, winload toolbar



Ähnliche Themen: Internetverbindung wird ständig selbstständig unterbrochen


  1. DOS-Fenster erscheint ständig und WLAN-Verbindung wird unterbrochen
    Log-Analyse und Auswertung - 24.10.2015 (2)
  2. Internet wird unterbrochen
    Plagegeister aller Art und deren Bekämpfung - 18.04.2014 (7)
  3. Internetverbindung wird ständig getrennt - Virenscan nicht möglich!
    Log-Analyse und Auswertung - 03.05.2013 (0)
  4. Rescue Disk Update wird unterbrochen
    Log-Analyse und Auswertung - 24.04.2013 (2)
  5. "tcbhn mußte unterbrochen werden", dieses Feld wird ständig eingeblendet und ich kann nichts damit anfangen.
    Plagegeister aller Art und deren Bekämpfung - 18.02.2013 (1)
  6. Wlan internetverbindung wird ständig unterbrochen Silly.Gen Virus?
    Plagegeister aller Art und deren Bekämpfung - 22.10.2009 (6)
  7. Internet wird andauernt unterbrochen
    Plagegeister aller Art und deren Bekämpfung - 15.04.2009 (4)
  8. Internetverbindung wird unterbrochen
    Plagegeister aller Art und deren Bekämpfung - 13.11.2008 (3)
  9. Internetverbindung ständig unterbrochen
    Plagegeister aller Art und deren Bekämpfung - 01.11.2008 (0)
  10. Internetverbindung wird regelmäßig unterbrochen
    Mülltonne - 08.10.2008 (0)
  11. Internet wird unterbrochen, Neustart hilft
    Netzwerk und Hardware - 20.06.2007 (1)
  12. Taskmanager/Uhrzeit verändert w-lan ständig unterbrochen ?virus?
    Plagegeister aller Art und deren Bekämpfung - 08.02.2007 (5)
  13. Internetverbindung wird andauernd unterbrochen
    Plagegeister aller Art und deren Bekämpfung - 12.01.2007 (12)
  14. Prog versucht selbstständig Internetverbindung aufzubauen
    Log-Analyse und Auswertung - 14.10.2006 (9)
  15. Internetverbindung wird direkt unterbrochen
    Log-Analyse und Auswertung - 24.09.2006 (12)
  16. Internetverbindung wird ständig getrennt !Hilfe!
    Plagegeister aller Art und deren Bekämpfung - 02.09.2006 (3)
  17. Internet- wird unterbrochen/ WLAN-Verbindung bleibt
    Alles rund um Windows - 19.07.2006 (15)

Zum Thema Internetverbindung wird ständig selbstständig unterbrochen - Hallo, ich habe mir vor ein paar Tagen etwas eingefangen. Seitdem wird ständig die Internetverbindung unterbrochen. Das kann manchmal nach einer Stunde geschehen, manchmal aber auch alle paar Minuten. Fast - Internetverbindung wird ständig selbstständig unterbrochen...
Archiv
Du betrachtest: Internetverbindung wird ständig selbstständig unterbrochen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.