TR/Shutdowner.fft , Internetbrowser öffnet russische Schmuddelseiten bei allen Eingaben

Xory · 27.12.2010, 15:27

Combofix Logfile:

Code:

ATTFilter

ComboFix 10-12-26.01 - ***** 27.12.2010  15:02:23.2.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.2046.1645 [GMT 1:00]
ausgeführt von:: c:\dokumente und einstellungen\*****\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\winlogon.exe . . . ist infiziert!!

c:\windows\explorer.exe . . . ist infiziert!!

.
(((((((((((((((((((((((   Dateien erstellt von 2010-11-27 bis 2010-12-27  ))))))))))))))))))))))))))))))
.

2010-12-27 10:31 . 2010-12-27 12:17	--------	d-----w-	C:\_OTL
2010-12-23 09:55 . 2010-12-23 09:55	--------	d-----w-	c:\programme\MSECache
2010-12-23 02:01 . 2008-07-06 12:06	89088	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-12-23 02:01 . 2008-07-06 12:06	89088	-c----w-	c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-12-23 02:01 . 2008-07-06 12:06	117760	------w-	c:\windows\system32\prntvpt.dll
2010-12-23 02:01 . 2008-07-06 10:50	597504	-c----w-	c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-12-23 02:01 . 2008-07-06 10:50	597504	------w-	c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-12-23 02:01 . 2010-12-23 02:01	--------	d-----w-	C:\987621f5f631b62539
2010-12-23 02:01 . 2008-07-06 12:06	575488	-c----w-	c:\windows\system32\dllcache\xpsshhdr.dll
2010-12-23 02:01 . 2008-07-06 12:06	575488	------w-	c:\windows\system32\xpsshhdr.dll
2010-12-23 02:01 . 2008-07-06 12:06	1676288	-c----w-	c:\windows\system32\dllcache\xpssvcs.dll
2010-12-23 02:01 . 2008-07-06 12:06	1676288	------w-	c:\windows\system32\xpssvcs.dll
2010-12-22 13:04 . 2010-11-29 16:42	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-22 13:03 . 2010-12-23 10:14	--------	d-----w-	c:\programme\Malwarebytes' Anti-Malware
2010-12-22 13:03 . 2010-11-29 16:42	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-12-21 20:08 . 2010-10-18 11:10	7680	-c----w-	c:\windows\system32\dllcache\iecompat.dll
2010-12-21 20:08 . 2010-12-22 02:00	--------	d-----w-	c:\windows\ie8updates
2010-12-21 20:07 . 2010-11-06 00:21	12800	-c----w-	c:\windows\system32\dllcache\xpshims.dll
2010-12-21 20:07 . 2010-11-06 00:21	55296	-c----w-	c:\windows\system32\dllcache\msfeedsbs.dll
2010-12-21 20:07 . 2010-11-06 00:21	602112	-c----w-	c:\windows\system32\dllcache\msfeeds.dll
2010-12-21 20:07 . 2010-11-06 00:21	1991680	-c----w-	c:\windows\system32\dllcache\iertutil.dll
2010-12-21 20:07 . 2010-11-06 00:21	247808	-c----w-	c:\windows\system32\dllcache\ieproxy.dll
2010-12-21 20:07 . 2010-11-06 00:21	11080704	-c----w-	c:\windows\system32\dllcache\ieframe.dll
2010-12-21 20:07 . 2010-11-06 00:21	743424	-c----w-	c:\windows\system32\dllcache\iedvtool.dll
2010-12-21 02:56 . 2010-12-21 02:56	--------	d-----w-	c:\windows\system32\KB905474
2010-12-20 21:24 . 2010-12-22 13:39	--------	d-----w-	c:\programme\tmp
2010-12-20 16:31 . 2010-12-22 13:48	3584	----a-w-	c:\windows\system32\kb.dll
2010-12-20 16:28 . 2010-12-23 14:54	--------	d-----w-	c:\programme\Spybot - Search & Destroy
2010-12-20 16:09 . 2010-12-22 13:49	--------	d-----w-	c:\windows\system32\NtmsData
2010-12-20 15:55 . 2010-12-13 07:39	135096	----a-w-	c:\windows\system32\drivers\avipbb.sys
2010-12-20 15:55 . 2010-12-13 07:39	61960	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2010-12-20 15:55 . 2010-06-17 13:27	45416	----a-w-	c:\windows\system32\drivers\avgntdd.sys
2010-12-20 15:55 . 2010-06-17 13:27	22360	----a-w-	c:\windows\system32\drivers\avgntmgr.sys
2010-12-20 15:55 . 2010-12-20 15:55	--------	d-----w-	c:\programme\Avira
2010-12-20 14:53 . 2009-02-02 11:38	106496	----a-w-	c:\windows\system32\ct_api_org.dll
2010-12-20 14:53 . 2008-08-28 19:45	49152	----a-w-	c:\windows\system32\ct_api_usb.dll
2010-12-20 14:53 . 2008-08-28 14:14	57344	----a-w-	c:\windows\system32\ct_api_com.dll
2010-12-20 14:53 . 2006-03-01 12:18	163840	----a-w-	c:\windows\system32\ct_api_omy.dll
2010-12-20 14:53 . 2006-01-20 12:28	389120	----a-w-	c:\windows\system32\ct_api_kob.dll
2010-12-20 14:53 . 2003-01-14 10:32	73728	----a-w-	c:\windows\system32\ct_api_scr.dll
2010-12-20 14:53 . 2002-02-28 10:52	61504	----a-w-	c:\windows\system32\Ct_api_chy.dll
2010-12-20 10:40 . 2010-12-20 10:41	--------	d-----w-	c:\programme\temp
2010-12-17 12:30 . 2010-12-17 12:30	--------	d-----w-	c:\programme\7-Zip
2010-12-17 06:48 . 2010-02-24 13:11	455680	-c----w-	c:\windows\system32\dllcache\mrxsmb.sys
2010-12-17 06:47 . 2008-06-14 17:32	273024	-c----w-	c:\windows\system32\dllcache\bthport.sys
2010-12-17 06:47 . 2008-06-14 17:32	273024	------w-	c:\windows\system32\drivers\bthport.sys
2010-12-17 06:47 . 2010-04-28 18:11	2192256	-c----w-	c:\windows\system32\dllcache\ntoskrnl.exe
2010-12-17 06:47 . 2010-04-28 05:41	2148864	-c----w-	c:\windows\system32\dllcache\ntkrnlmp.exe
2010-12-17 06:47 . 2010-04-28 05:41	2069120	-c----w-	c:\windows\system32\dllcache\ntkrnlpa.exe
2010-12-17 06:47 . 2010-04-28 05:41	2027008	-c----w-	c:\windows\system32\dllcache\ntkrpamp.exe
2010-12-17 06:45 . 2010-02-12 10:03	293376	------w-	c:\windows\system32\browserchoice.exe
2010-12-17 06:45 . 2009-11-27 16:08	8704	-c----w-	c:\windows\system32\dllcache\tsbyuv.dll
2010-12-17 06:45 . 2009-11-27 16:08	48128	-c----w-	c:\windows\system32\dllcache\iyuv_32.dll
2010-12-16 21:08 . 2009-01-07 17:20	26144	----a-w-	c:\windows\system32\spupdsvc.exe
2010-12-16 20:58 . 2010-12-22 13:43	--------	d-----w-	c:\programme\HGcaCGvq
2010-12-16 20:20 . 2005-05-09 10:38	55296	------w-	c:\windows\system32\brinsstr.dll
2010-12-16 20:20 . 2005-06-02 00:09	86016	------w-	c:\windows\system32\BrWebIns.dll
2010-12-16 20:20 . 2005-06-02 00:08	69632	------w-	c:\windows\system32\BRWEBUP.EXE
2010-12-16 20:20 . 2004-12-03 00:26	188416	------w-	c:\windows\system32\PDRVINST.DLL
2010-12-16 20:20 . 2005-10-13 18:18	163840	------w-	c:\windows\system32\NSSearch.dll
2010-12-16 20:20 . 2005-09-13 00:02	126976	------w-	c:\windows\system32\BrfxD05a.dll
2010-12-16 20:20 . 2005-08-09 17:59	53248	------w-	c:\windows\system32\BrMfNt.dll
2010-12-16 20:20 . 2002-11-26 12:43	106496	------w-	c:\windows\system32\BrMuSNMP.dll
2010-12-16 20:20 . 2004-12-10 15:35	147456	------w-	c:\windows\brunin03.dll
2010-12-16 19:46 . 2009-02-27 23:23	450560	----a-w-	c:\windows\system32\GDS32.DLL
2010-12-16 19:46 . 2009-02-27 14:34	462848	----a-w-	c:\windows\system32\Firebird2Control.cpl
2010-12-16 19:46 . 2010-12-16 19:46	--------	d-----w-	c:\programme\Firebird
2010-12-16 19:42 . 2010-12-27 11:02	--------	d-----w-	c:\programme\MMI PHARMINDEX
2010-12-16 19:26 . 2008-04-13 23:15	26112	-c--a-w-	c:\windows\system32\dllcache\usbser.sys
2010-12-16 19:26 . 2008-04-13 23:15	26112	----a-w-	c:\windows\system32\drivers\usbser.sys
2010-12-16 19:26 . 2008-05-06 09:53	81920	----a-w-	c:\windows\system32\ORGVC.dll
2010-12-16 19:25 . 2006-11-02 07:21	319456	----a-w-	c:\windows\system32\difxapi.dll
2010-12-16 19:25 . 2009-02-02 11:38	106496	----a-w-	c:\windows\system32\CTORG32.dll
2010-12-16 19:18 . 2010-12-16 19:18	240592	----a-w-	c:\windows\system32\nvdrsdb0.bin
2010-12-16 19:15 . 2010-12-16 19:20	--------	d-----w-	c:\programme\NVIDIA Corporation
2010-12-16 19:15 . 2010-12-16 19:15	--------	d-----w-	C:\NVIDIA
2010-12-16 19:08 . 2008-04-13 23:15	26368	-c--a-w-	c:\windows\system32\dllcache\usbstor.sys
2010-12-16 18:58 . 2003-09-28 22:36	102400	----a-w-	c:\windows\system32\FDFACX.DLL
2010-12-16 18:58 . 2003-09-28 22:36	634880	----a-w-	c:\windows\system32\FdfTk.dll
2010-12-16 18:50 . 2003-10-07 08:59	319488	----a-w-	c:\windows\nix2.exe
2010-12-16 18:30 . 1998-04-27 00:00	570128	----a-w-	c:\windows\system32\DAO350.DLL
2010-12-16 18:25 . 1999-04-21 01:00	37136	----a-w-	c:\windows\system\Regsvr32.exe
2010-12-16 18:02 . 2010-12-16 18:02	--------	d-----w-	c:\programme\Lavalys
2010-12-16 17:50 . 2010-12-03 19:43	555752	----a-w-	c:\programme\Mozilla Firefox\uninstall\helper.exe
2010-12-16 17:49 . 2010-12-03 19:43	25048	----a-w-	c:\programme\Mozilla Firefox\components\browserdirprovider.dll
2010-12-16 17:49 . 2010-12-03 19:43	140248	----a-w-	c:\programme\Mozilla Firefox\components\brwsrcmp.dll
2010-12-16 17:44 . 2008-04-13 23:17	25856	-c--a-w-	c:\windows\system32\dllcache\usbprint.sys
2010-12-16 17:44 . 2008-04-13 23:17	25856	----a-w-	c:\windows\system32\drivers\usbprint.sys
2010-12-16 17:44 . 2008-04-13 23:15	32128	-c--a-w-	c:\windows\system32\dllcache\usbccgp.sys
2010-12-16 17:44 . 2008-04-13 23:15	32128	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2010-12-16 17:21 . 2008-04-13 23:09	5376	-c--a-w-	c:\windows\system32\dllcache\mspclock.sys
2010-12-16 17:21 . 2008-04-13 23:09	5376	----a-w-	c:\windows\system32\drivers\MSPCLOCK.sys
2010-12-16 17:21 . 2008-04-13 23:49	146048	-c--a-w-	c:\windows\system32\dllcache\portcls.sys
2010-12-16 17:21 . 2008-04-13 23:49	146048	----a-w-	c:\windows\system32\drivers\portcls.sys
2010-12-16 17:21 . 2008-04-14 06:52	4096	-c--a-w-	c:\windows\system32\dllcache\ksuser.dll
2010-12-16 17:21 . 2008-04-14 06:52	4096	----a-w-	c:\windows\system32\ksuser.dll
2010-12-16 17:16 . 2007-07-12 03:49	96384	----a-r-	c:\windows\system32\drivers\Rtnicxp.sys
2010-12-16 17:14 . 2010-12-23 09:54	--------	d-----w-	c:\dokumente und einstellungen\Gurba
2010-12-16 17:13 . 2010-12-16 17:13	--------	d-sh--w-	c:\dokumente und einstellungen\LocalService.NT-AUTORITÄT
2010-12-16 17:13 . 2010-12-16 17:13	--------	d-sh--w-	c:\dokumente und einstellungen\NetworkService.NT-AUTORITÄT
2010-12-16 17:11 . 2008-04-14 12:00	45568	-c--a-w-	c:\windows\system32\dllcache\ssinc51.dll
2010-12-16 17:10 . 2008-04-14 12:00	13463552	-c--a-w-	c:\windows\system32\dllcache\hwxjpn.dll
2010-12-16 17:09 . 2004-05-12 23:39	598071	-c--a-w-	c:\windows\system32\dllcache\fpmmc.dll
2010-12-16 17:07 . 2008-04-14 12:00	11264	-c--a-w-	c:\windows\system32\dllcache\atrace.dll
2010-12-16 17:06 . 2009-08-06 18:24	327896	-c--a-w-	c:\windows\system32\dllcache\wucltui.dll
2010-12-16 17:05 . 2008-04-14 12:00	33792	----a-w-	c:\programme\Messenger\custsat.dll
2010-12-16 17:03 . 2008-04-14 12:00	677888	-c--a-w-	c:\windows\system32\dllcache\lhmstsc.exe
2010-12-16 16:59 . 2001-08-17 12:59	3072	----a-w-	c:\windows\system32\drivers\audstub.sys
2010-12-16 16:59 . 2008-04-14 06:22	57728	----a-w-	c:\windows\system32\drivers\redbook.sys
2010-12-16 16:58 . 2008-04-14 06:52	77312	-c--a-w-	c:\windows\system32\dllcache\usbui.dll
2010-12-16 16:58 . 2008-04-14 06:52	77312	----a-w-	c:\windows\system32\usbui.dll
2010-12-16 16:56 . 2008-04-14 12:00	22016	-c--a-w-	c:\windows\system32\dllcache\agt0408.dll
2010-12-16 16:56 . 2008-04-14 12:00	19456	-c--a-w-	c:\windows\system32\dllcache\agt041f.dll
2010-12-16 16:56 . 2008-04-14 12:00	19456	-c--a-w-	c:\windows\system32\dllcache\agt0419.dll
2010-12-16 16:56 . 2008-04-14 12:00	19968	-c--a-w-	c:\windows\system32\dllcache\agt040e.dll
2010-12-16 16:56 . 2008-04-14 12:00	19456	-c--a-w-	c:\windows\system32\dllcache\agt0415.dll
2010-12-16 16:56 . 2008-04-14 12:00	19456	-c--a-w-	c:\windows\system32\dllcache\agt0405.dll
2010-12-16 16:54 . 2010-12-17 12:47	--------	d-----w-	c:\dokumente und einstellungen\All Users.WINDOWS
2010-12-16 16:54 . 2010-12-16 17:09	--------	d--h--w-	c:\dokumente und einstellungen\Default User.WINDOWS
2010-12-15 16:46 . 2010-12-15 16:46	--------	d-----w-	c:\dokumente und einstellungen\Administrator
2010-12-15 15:58 . 2010-12-15 15:58	--------	d-----w-	c:\dokumente und einstellungen\praxis\Anwendungsdaten\BitDefender
2010-12-15 15:10 . 2010-12-22 13:39	--------	d-----w-	c:\programme\jypiXmrql$jœËwfonmcso.exe
2010-12-13 15:26 . 2010-12-13 15:26	--------	d-----w-	c:\programme\BitDefender
2010-12-12 15:51 . 2010-12-12 15:51	--------	d-----w-	c:\dokumente und einstellungen\praxis\Anwendungsdaten\Malwarebytes
2010-12-08 06:38 . 2010-12-08 06:38	--------	d-----w-	C:\found.000

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-06 00:21 . 2008-04-14 12:00	916480	----a-w-	c:\windows\system32\wininet.dll
2010-11-06 00:21 . 2008-04-14 12:00	43520	------w-	c:\windows\system32\licmgr10.dll
2010-11-06 00:21 . 2008-04-14 12:00	1469440	------w-	c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2008-04-14 12:00	385024	------w-	c:\windows\system32\html.iec
2010-11-02 15:17 . 2008-04-14 12:00	40960	----a-w-	c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:12 . 2008-04-14 12:00	290048	----a-w-	c:\windows\system32\atmfd.dll
2010-10-26 14:05 . 2008-04-14 12:00	1853440	----a-w-	c:\windows\system32\win32k.sys
2010-10-16 11:05 . 2010-10-16 11:05	81920	----a-w-	c:\windows\system32\nvwddi.dll
2010-10-16 11:05 . 2010-10-16 11:05	335872	----a-w-	c:\windows\system32\nvrsar.dll
2010-10-16 11:05 . 2010-10-16 11:05	331776	----a-w-	c:\windows\system32\nvrshe.dll
2010-10-16 11:05 . 2010-10-16 11:05	286720	----a-w-	c:\windows\system32\nvrsfr.dll
2010-10-16 11:05 . 2010-10-16 11:05	282624	----a-w-	c:\windows\system32\nvrses.dll
2010-10-16 11:05 . 2010-10-16 11:05	282624	----a-w-	c:\windows\system32\nvrsel.dll
2010-10-16 11:05 . 2010-10-16 11:05	278528	----a-w-	c:\windows\system32\nvrsde.dll
2010-10-16 11:05 . 2010-10-16 11:05	274432	----a-w-	c:\windows\system32\nvrsnl.dll
2010-10-16 11:05 . 2010-10-16 11:05	274432	----a-w-	c:\windows\system32\nvrsesm.dll
2010-10-16 11:05 . 2010-10-16 11:05	270336	----a-w-	c:\windows\system32\nvrsru.dll
2010-10-16 11:05 . 2010-10-16 11:05	270336	----a-w-	c:\windows\system32\nvrsptb.dll
2010-10-16 11:05 . 2010-10-16 11:05	266240	----a-w-	c:\windows\system32\nvrsko.dll
2010-10-16 11:05 . 2010-10-16 11:05	262144	----a-w-	c:\windows\system32\nvrshu.dll
2010-10-16 11:05 . 2010-10-16 11:05	258048	----a-w-	c:\windows\system32\nvrstr.dll
2010-10-16 11:05 . 2010-10-16 11:05	258048	----a-w-	c:\windows\system32\nvrssl.dll
2010-10-16 11:05 . 2010-10-16 11:05	258048	----a-w-	c:\windows\system32\nvrssk.dll
2010-10-16 11:05 . 2010-10-16 11:05	253952	----a-w-	c:\windows\system32\nvrsth.dll
2010-10-16 11:05 . 2010-10-16 11:05	253952	----a-w-	c:\windows\system32\nvrssv.dll
2010-10-16 11:05 . 2010-10-16 11:05	253952	----a-w-	c:\windows\system32\nvrsda.dll
2010-10-16 11:05 . 2010-10-16 11:05	249856	----a-w-	c:\windows\system32\nvrsfi.dll
2010-10-16 11:05 . 2010-10-16 11:05	249856	----a-w-	c:\windows\system32\nvrseng.dll
2010-10-16 11:05 . 2010-10-16 11:05	249856	----a-w-	c:\windows\system32\nvrscs.dll
2010-10-16 11:05 . 2010-10-16 11:05	229376	----a-w-	c:\windows\system32\nvrszhc.dll
2010-10-16 11:05 . 2010-10-16 11:05	126976	----a-w-	c:\windows\system32\nvrszht.dll
2010-10-16 11:05 . 2010-10-16 11:05	282624	----a-w-	c:\windows\system32\nvrsit.dll
2010-10-16 11:05 . 2010-10-16 11:05	277608	----a-w-	c:\windows\system32\nvmccs.dll
2010-10-16 11:05 . 2010-10-16 11:05	274432	----a-w-	c:\windows\system32\nvrspt.dll
2010-10-16 11:05 . 2010-10-16 11:05	270336	----a-w-	c:\windows\system32\nvrsja.dll
2010-10-16 11:05 . 2010-10-16 11:05	258048	----a-w-	c:\windows\system32\nvrspl.dll
2010-10-16 11:05 . 2010-10-16 11:05	253952	----a-w-	c:\windows\system32\nvrsno.dll
2010-10-16 11:05 . 2010-10-16 11:05	156776	----a-w-	c:\windows\system32\nvsvc32.exe
2010-10-16 11:05 . 2010-10-16 11:05	145000	----a-w-	c:\windows\system32\nvcolor.exe
2010-10-16 11:05 . 2010-10-16 11:05	13851752	----a-w-	c:\windows\system32\nvcpl.dll
2010-10-16 11:05 . 2010-10-16 11:05	110696	----a-w-	c:\windows\system32\nvmctray.dll
2010-07-08 08:37 . 2010-07-08 08:37	101544	----a-w-	c:\programme\Gemeinsame Dateien\LinkInstaller.exe
.

------- Sigcheck -------

[-] 2008-04-14 . D9ABB6EA254FD611A5A4F636ADD32B30 . 513024 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe

[-] 2008-04-14 . E98439A61C31BE2F10BC5F69070E462E . 1036800 . . [6.00.2900.5512] . . c:\windows\explorer.exe
.
(((((((((((((((((((((((((((((   SnapShot@2010-12-23_11.37.30   )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-14 12:00 . 2010-12-23 17:03	79560              c:\windows\system32\perfc009.dat
- 2008-04-14 12:00 . 2010-12-23 02:17	79560              c:\windows\system32\perfc009.dat
- 2008-04-14 12:00 . 2010-12-23 02:17	94774              c:\windows\system32\perfc007.dat
+ 2008-04-14 12:00 . 2010-12-23 17:03	94774              c:\windows\system32\perfc007.dat
+ 2010-04-07 22:48 . 2010-04-07 22:48	32768              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
- 2008-07-29 18:16 . 2008-07-29 18:16	32768              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	77824              c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	77824              c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-12-23 17:04 . 2010-12-23 17:04	32768              c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2010-12-23 02:02 . 2010-12-23 02:02	32768              c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	81920              c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	81920              c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	81920              c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	81920              c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	32768              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	32768              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	12800              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	12800              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	28672              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	28672              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	77824              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	77824              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	36864              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	36864              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	77824              c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	77824              c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	13312              c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	13312              c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	10752              c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	10752              c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	72192              c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	72192              c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	69120              c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	69120              c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	8192              c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	8192              c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	7168              c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	7168              c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	5632              c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-12-23 02:16 . 2010-12-23 02:16	5632              c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-12-23 02:15 . 2010-12-23 02:15	6656              c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	6656              c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	8192              c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	8192              c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	113664              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	113664              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	258048              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	258048              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2008-04-14 12:00 . 2010-12-23 02:17	460708              c:\windows\system32\perfh009.dat
+ 2008-04-14 12:00 . 2010-12-23 17:03	460708              c:\windows\system32\perfh009.dat
- 2008-04-14 12:00 . 2010-12-23 02:17	481838              c:\windows\system32\perfh007.dat
+ 2008-04-14 12:00 . 2010-12-23 17:03	481838              c:\windows\system32\perfh007.dat
+ 2010-12-16 16:54 . 2010-12-27 14:01	263824              c:\windows\system32\FNTCACHE.DAT
+ 2010-04-07 22:48 . 2010-04-07 22:48	970752              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
- 2008-07-29 18:16 . 2008-07-29 18:16	110592              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-04-07 22:48 . 2010-04-07 22:48	110592              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-09-23 20:02 . 2010-09-23 20:02	798208              c:\windows\Installer\747b66.msp
+ 2009-03-20 10:48 . 2009-03-20 10:48	183808              c:\windows\Installer\747b5f.msp
+ 2010-12-27 09:52 . 2010-12-27 09:52	859648              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\b1646e54b708b9824f4193f87eb00c0e\System.Web.Extensions.Design.ni.dll
+ 2010-12-27 09:52 . 2010-12-27 09:52	328704              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\504a93e73da77c502ecf98bfdfc1485e\System.Web.Entity.ni.dll
+ 2010-12-27 09:52 . 2010-12-27 09:52	301056              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f22334fbd9497d79448fffef515ae0cc\System.Web.Entity.Design.ni.dll
+ 2010-12-27 09:52 . 2010-12-27 09:52	547328              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\af5452305588da228a74e30324681d20\System.Web.DynamicData.ni.dll
+ 2010-12-23 17:08 . 2010-12-23 17:08	381440              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll
+ 2010-12-23 17:18 . 2010-12-23 17:18	212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll
+ 2010-12-23 17:18 . 2010-12-23 17:18	366080              c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe
+ 2010-12-23 17:18 . 2010-12-23 17:18	256000              c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll
+ 2010-12-23 17:18 . 2010-12-23 17:18	320512              c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\72d3aacfca2e1ce835c210f5a1decb36\ServiceModelReg.ni.exe
+ 2010-12-23 17:18 . 2010-12-23 17:18	386560              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-12-23 17:18 . 2010-12-23 17:18	410112              c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe
- 2010-12-23 02:15 . 2010-12-23 02:15	839680              c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	839680              c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	835584              c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	835584              c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	114688              c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	114688              c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	258048              c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	258048              c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-12-23 17:04 . 2010-12-23 17:04	970752              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	131072              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	131072              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	303104              c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	303104              c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	258048              c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	258048              c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	372736              c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	372736              c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-12-23 17:04 . 2010-12-23 17:04	438272              c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	626688              c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	626688              c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	401408              c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	401408              c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	188416              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	188416              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	970752              c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	970752              c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	745472              c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	745472              c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	425984              c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	425984              c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	110592              c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	110592              c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-12-23 02:01 . 2010-12-23 02:01	110592              c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-12-23 17:04 . 2010-12-23 17:04	110592              c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	659456              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	659456              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	372736              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	372736              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	110592              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	110592              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	749568              c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	749568              c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	655360              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	655360              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	348160              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	348160              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	507904              c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	507904              c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	261632              c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	261632              c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	113664              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	113664              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	258048              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	258048              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	486400              c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	486400              c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-04-07 22:48 . 2010-04-07 22:48	5967872              c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2010-12-27 09:52 . 2010-12-27 09:52	1356288              c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bec60fe2e934a6284224ab45b0e981e2\System.WorkflowServices.ni.dll
+ 2010-12-27 09:52 . 2010-12-27 09:52	2405376              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\da367bc2ecf2c9c5b4f858b6dba9e2ea\System.Web.Extensions.ni.dll
+ 2010-12-27 09:51 . 2010-12-27 09:51	1706496              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8e34e273d036b7468fc4e951a1fde437\System.ServiceModel.Web.ni.dll
+ 2010-12-23 17:08 . 2010-12-23 17:08	2345472              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll
+ 2010-12-23 17:08 . 2010-12-23 17:08	1070080              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\095bb4f033374647b6d66c51f16bb886\System.IdentityModel.ni.dll
+ 2010-12-27 09:51 . 2010-12-27 09:51	1328128              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\b8c9267d87b7358e1a5f00bf1572c313\System.Data.Services.ni.dll
+ 2010-12-23 17:06 . 2010-12-23 17:06	2516480              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll
+ 2010-12-27 09:50 . 2010-12-27 09:50	9924096              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll
+ 2010-12-23 17:18 . 2010-12-23 17:18	1093120              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	3182592              c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	3182592              c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	2048000              c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	2048000              c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	5025792              c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	5025792              c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-12-23 02:21 . 2010-12-23 02:21	1277952              c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2010-12-23 17:06 . 2010-12-23 17:06	1277952              c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2010-12-23 17:04 . 2010-12-23 17:04	5967872              c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	5062656              c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	5062656              c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-12-23 17:02 . 2010-12-23 17:02	5242880              c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-12-23 02:15 . 2010-12-23 02:15	5242880              c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	2933248              c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	2933248              c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-12-23 17:03 . 2010-12-23 17:03	4550656              c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-12-23 02:16 . 2010-12-23 02:16	4550656              c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-04-11 21:17 . 2010-04-11 21:17	14599680              c:\windows\Installer\747b55.msp
+ 2010-12-23 17:18 . 2010-12-23 17:18	17403904              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\75aeb590008d6e166f7be18f935c52d2\System.ServiceModel.ni.dll
.
-- Snapshot auf jetziges Datum zurückgesetzt --
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-02-13 16857600]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752]
"nwiz"="c:\programme\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192]
"PaperPort PTD"="c:\programme\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393]
"IndexSearch"="c:\programme\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"SetDefPrt"="c:\programme\Brother\Brmfl05c\BrStDvPt.exe" [2005-01-26 49152]
"ControlCenter2.0"="c:\programme\Brother\ControlCenter2\brctrcen.exe" [2005-11-11 995328]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Mozilla Firefox\\firefox.exe"=
"c:\\Programme\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Programme\\TeamViewer\\Version6\\TeamViewer_Service.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [20.12.2010 16:55 135336]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\programme\Firebird\Firebird_2_1\bin\fbguard.exe -s DefaultInstance --> c:\programme\Firebird\Firebird_2_1\bin\fbguard.exe -s DefaultInstance [?]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\programme\Firebird\Firebird_2_1\bin\fbserver.exe -s DefaultInstance --> c:\programme\Firebird\Firebird_2_1\bin\fbserver.exe -s DefaultInstance [?]
.
Inhalt des "geplante Tasks" Ordners

2010-12-27 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-12-21 21:18]
.
.
------- Zusätzlicher Suchlauf -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\dokumente und einstellungen\Gurba\Anwendungsdaten\Mozilla\Firefox\Profiles\y7ru3wnf.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-12-27 15:07
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse... 

Scanne versteckte Autostarteinträge... 

Scanne versteckte Dateien... 

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Zeit der Fertigstellung: 2010-12-27  15:10:00
ComboFix-quarantined-files.txt  2010-12-27 14:09
ComboFix2.txt  2010-12-15 07:57
ComboFix3.txt  2010-12-12 16:38

Vor Suchlauf: 21 Verzeichnis(se), 136.728.969.216 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 136.746.446.848 Bytes frei

- - End Of File - - 0D2F160BBE5BBDB1B5BD6F1F0B9A5ED7

--- --- ---

TR/Shutdowner.fft , Internetbrowser öffnet russische Schmuddelseiten bei allen Eingaben

Plagegeister aller Art und deren Bekämpfung: TR/Shutdowner.fft , Internetbrowser öffnet russische Schmuddelseiten bei allen Eingaben

ComboFix Log

Ähnliche Themen: TR/Shutdowner.fft , Internetbrowser öffnet russische Schmuddelseiten bei allen Eingaben